HP Sure Start BIOS Intel Flash Descriptor Vulnerability (CVE-2023-6215)
CVE-2023-6215 Published on October 7, 2025
HP Sure Start IFD Protection - BIOS Security Update
A potential security vulnerability has been identified in HP Sure Starts protection of the Intel Flash Descriptor in certain HP PC products, which might allow security bypass, arbitrary code execution, loss of integrity or confidentiality, or denial of service. HP is releasing BIOS updates to mitigate the potential vulnerability.
Weakness Type
Missing Authentication for Critical Function
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Products Associated with CVE-2023-6215
Want to know whenever a new CVE is published for HP Sure Start? stack.watch will email you.
Affected Versions
HP, Inc. HP Sure Start IFD Protection Version See HP security bulletin reference for affected versions is affected by CVE-2023-6215Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.