CVE-2023-6138
High
Published: 14 February 2024
Modified: 22 December 2025
KEV Added: —
Patch: —
CVSS Score v3.1: 7.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
EPSS Score: 0.0016 (37.0th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)
Summary
CVE-2023-6138 is a high-severity vulnerability of unspecified weakness type in HP Z440 Workstation firmware. Its CVSS base score is 7.9 (High).
Operationally, it is ranked at the 37.0th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-58392
Vulnerability details
A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
- hp z440 workstation firmware: ≤ 2.62
- hp z640 workstation firmware: ≤ 2.62
- hp z840 workstation firmware: ≤ 2.62
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.