CVE-2023-6215 HIGH

CVE-2023-6215: HP Sure Start IFD Protection - BIOS Security Update

Vendor Hp, Inc.
Product HP Sure Start IFD Protection
Published October 7, 2025
Last update October 7, 2025

CVSS base score

7.2/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

A potential security vulnerability has been identified in HP Sure Start’s protection of the Intel Flash Descriptor in certain HP PC products, which might allow security bypass, arbitrary code execution, loss of integrity or confidentiality, or denial of service. HP is releasing BIOS updates to mitigate the potential vulnerability.

Key dates

02Disclosure timeline

October 7, 2025 CVE published
October 7, 2025 Record updated