All the vulnerabilites related to hp - prodesk_400_g6_mt_firmware
cve-2019-18913
Vulnerability from cvelistv5
Published
2020-01-31 03:04
Modified
2024-08-05 02:02
Severity ?
EPSS score ?
Summary
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02).
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hp.com/us-en/document/c06549501 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HP Inc. | HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. |
Version: Depends on platform. Prior to 01.04.02 Version: or prior to 02.04.01 Version: or prior to 02.04.02. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/c06549501"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection.",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "Depends on platform. Prior to 01.04.02"
},
{
"status": "affected",
"version": "or prior to 02.04.01"
},
{
"status": "affected",
"version": "or prior to 02.04.02."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Possible Arbitrary Code Execution, Denial of Service, Information Disclosure.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-31T03:04:11",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hp.com/us-en/document/c06549501"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2019-18913",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection.",
"version": {
"version_data": [
{
"version_value": "Depends on platform. Prior to 01.04.02"
},
{
"version_value": "or prior to 02.04.01"
},
{
"version_value": "or prior to 02.04.02."
}
]
}
}
]
},
"vendor_name": "HP Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Possible Arbitrary Code Execution, Denial of Service, Information Disclosure."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/c06549501",
"refsource": "CONFIRM",
"url": "https://support.hp.com/us-en/document/c06549501"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2019-18913",
"datePublished": "2020-01-31T03:04:11",
"dateReserved": "2019-11-12T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-01-31 04:15
Modified
2024-11-21 04:33
Severity ?
Summary
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/c06549501 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/c06549501 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3285E736-3B13-4CED-8BF4-CD4E5275A3BA",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "296E9536-C541-45A7-8EBB-A4DBFAA20775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3E2A36-2189-462B-94BE-94AFE5C351B2",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0FF23D-0FAF-4D4C-A84E-C5DF0739F442",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_twr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0877432B-4344-440E-A36C-83D1216B4E1E",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_twr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A968FB5-B706-4D83-9827-0EAF65AA8E74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:eliteone_800_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BB48E6-9FA5-42EB-8103-70F3DC6A9F47",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:eliteone_800_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDE1232-18B3-4A1B-920A-E55837860A4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1AC440-CAD3-443F-AE8C-746883597652",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9C5D12-EFE1-4B1D-A379-8CA94EBE2685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g6_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4CCB8E-1510-4FC9-AAB1-A8F794F941E7",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g6_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39406339-5379-48F1-B43A-C4EC1A511403",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g6_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D11DEF-BA68-45CA-A67A-09A9F7850C72",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g6_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45321F3E-4D78-43D0-B5A4-F0014BD5DA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_480_g6_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3835671-50C4-406A-8A53-B592842D979C",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_480_g6_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5894E5-272A-41E0-930F-6BCD676EAC68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC52335-0763-4435-A133-E1441DEA4CA8",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A62F98F9-C382-4878-8133-259DA7F551A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2040DAB5-553A-4342-897C-C9810DEBD35E",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8FEC79A-4486-4DB4-BCD9-CF38EF59D27A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_pci_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF685309-20EF-446F-AADA-77DAF482C52B",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_pci_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E8145-B314-4E49-9EA4-3E6EBCAD213B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE20576B-5D14-4225-BB74-A05CD11123FB",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "510DC086-AE58-4747-B0EF-05C83BC77361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_400_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E63D9-3EB7-45D4-8850-C1E70FD4724B",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_400_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "357231AD-5DA1-4BAD-84D5-C0148D9020DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_440_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "214964DF-FF9E-4AC6-AED3-B0C2214B557E",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_440_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90A6F231-197C-48F7-9A1B-BD23DFDEB575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_600_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B03189D-C82F-4E2B-B822-3F1CABE09635",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_600_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C04C17-60EB-446A-BEA0-D5AE7F066156",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elite_dragonfly_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "044131CF-A4A7-4C2B-906F-A9360051756A",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elite_dragonfly:-:*:*:*:*:*:*:*",
"matchCriteriaId": "119A1751-0FD4-4FA7-8681-CC82C4D47BFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elite_x2_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6E7759-9992-4855-B291-DC4CEA8DC987",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elite_x2_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72682A82-B694-4CE0-9B88-DCAAC8A6C8B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_830_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2992EDB-67D2-4649-B7C6-9B9BC29AC9D0",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_830_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8707F9-46CB-48F7-8CFA-EE90F44D5585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_836_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F69B-0B56-4271-9EA7-C7758A8B7FC6",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_836_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663E72B3-5986-434C-B395-43CF1A461A55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_840_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CF35B1-9BA8-494C-81E4-8DBA41E02233",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_840_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5091726-485B-4F0D-A451-8FA3FF10B952",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_840_g6_healthcare_edition_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E852C2-A935-47F1-B22A-E8BCB14AC2BB",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_840_g6_healthcare_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02654E2D-30A7-4A07-AD0A-10402AD2CD7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_846_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB80BBE-D94F-42D5-B84B-FE73B695A182",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_846_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AB963DD-777E-4FB8-844D-71BB14CBE08F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_846_g6_healthcare_edition_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE54E43C-E313-4BA9-A329-4639F5737E97",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_846_g6_healthcare_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49AF7550-3FA5-4C11-8F62-44192025D0A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_850_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7E9C89-0ABD-4D82-9071-72F486B24E73",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_850_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC02312C-289C-445B-8FC6-D5854EA44F87",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_1030_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8151B3-245D-4DF8-819B-15BE94322632",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_1030_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "201BF348-CDDE-4ED8-9339-0830AEE5B208",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_1040_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDCFB9E3-8976-490B-8D02-65A9BEF5C0E3",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_1040_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "485F527D-CED9-4865-BF19-0E474ED5C177",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_830_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E694FD28-1BB0-4B3F-9298-71103F30919A",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_830_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "707ACE08-2017-4A78-837F-BEBC02929E99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:probook_640_g5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9BAA2AE-FB22-4620-9378-175838DF0DF8",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:probook_640_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "657F2CA6-D464-466F-BB6F-11316D3E27DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:probook_650_g5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06D7EC1E-E07F-4D3C-BC52-BDA7B99C7558",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:probook_650_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F15254-6AF1-4495-B89F-F58084D11D36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_14u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E82F404-2902-420D-BB00-8EC47440AC21",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_14u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA294DB-2734-4C61-9075-49A2707CB482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_15u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "906E44BC-EF21-40BE-8815-EAA1397D5AD2",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_15u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A80149-6172-4C1A-946E-2CC5159AFD11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_x_13_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E66934BD-DB86-4D96-852C-52D43A2BFAB8",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_x_13_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5FBB0A-9A79-482F-9E59-2291712BD161",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_17u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27F84110-1D30-4A72-978F-103D5996021D",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_17u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D06E33A-ACA6-486F-9670-DD4DD83AA887",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02)."
},
{
"lang": "es",
"value": "Una potencial vulnerabilidad de seguridad con DMA previo al inicio puede permitir una ejecuci\u00f3n no autorizada de c\u00f3digo UEFI usando ataques de casos abiertos. Este problema de toda la industria requiere acceder f\u00edsicamente a los slots de expansi\u00f3n internos con herramientas de hardware y software especializadas para modificar el c\u00f3digo UEFI en la memoria. Esto afecta a HP Intel-based Business PCs que soportan la protecci\u00f3n DMA de Kernel de Microsoft Windows 10. Las versiones afectadas dependen de la plataforma (versiones anteriores a 01.04.02; o anteriores a 02.04.01; o anteriores a 02.04.02)."
}
],
"id": "CVE-2019-18913",
"lastModified": "2024-11-21T04:33:49.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-31T04:15:10.993",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06549501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06549501"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}