Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to HP Inc. - Multiple - See https://support.hp.com/rs-en/document/c06456250

cve-2019-16284

Vulnerability from cvelistv5

Published

2019-11-05 20:16

Modified

2024-08-05 01:10

Severity ?

Summary

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.

References

▼	URL	Tags
	https://support.hp.com/rs-en/document/c06456250	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

HP Inc.

Multiple - See https://support.hp.com/rs-en/document/c06456250

Version: Multiple - See https://support.hp.com/rs-en/document/c06456250

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:10:41.768Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hp.com/rs-en/document/c06456250"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Multiple - See https://support.hp.com/rs-en/document/c06456250",
          "vendor": "HP Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple - See https://support.hp.com/rs-en/document/c06456250"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-05T20:16:57",
        "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "shortName": "hp"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hp.com/rs-en/document/c06456250"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "hp-security-alert@hp.com",
          "ID": "CVE-2019-16284",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Multiple - See https://support.hp.com/rs-en/document/c06456250",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple - See https://support.hp.com/rs-en/document/c06456250"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "HP Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Elevation of privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.hp.com/rs-en/document/c06456250",
              "refsource": "CONFIRM",
              "url": "https://support.hp.com/rs-en/document/c06456250"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
    "assignerShortName": "hp",
    "cveId": "CVE-2019-16284",
    "datePublished": "2019-11-05T20:16:57",
    "dateReserved": "2019-09-13T00:00:00",
    "dateUpdated": "2024-08-05T01:10:41.768Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}