CVE-2023-6138

High

Published: 14 February 2024

Modified: 22 December 2025
CVSS Score v3.1: 7.9 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H)
EPSS Score: 0.0016 (37.0th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-6138 is a high-severity vulnerability of unspecified weakness type in HP Z440 Workstation firmware. Its CVSS base score is 7.9 (High).

Operationally, it is ranked at the 37.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

Vulnerability details

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

hp z440 workstation firmware: ≤ 2.62
hp z640 workstation firmware: ≤ 2.62
hp z840 workstation firmware: ≤ 2.62

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
