CVE-2024-5477
Published: 13 August 2025
Summary
CVE-2024-5477 is a high-severity Improper Restriction of Software Interfaces to Hardware Features (CWE-1256) vulnerability in Hp (inferred from references). Its CVSS base score is 7.3 (High).
Operationally, ranked at the 44.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-54878
Vulnerability details
A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and…
more
knowledge. HP is releasing firmware mitigation for the potential vulnerability.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.