FKIE_CVE-2019-18913
Vulnerability from fkie_nvd - Published: 2020-01-31 04:15 - Updated: 2024-11-21 04:33
Severity ?
Summary
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02).
References
| URL | Tags | ||
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/c06549501 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/c06549501 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3285E736-3B13-4CED-8BF4-CD4E5275A3BA",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "296E9536-C541-45A7-8EBB-A4DBFAA20775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3E2A36-2189-462B-94BE-94AFE5C351B2",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0FF23D-0FAF-4D4C-A84E-C5DF0739F442",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_twr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0877432B-4344-440E-A36C-83D1216B4E1E",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_twr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A968FB5-B706-4D83-9827-0EAF65AA8E74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:eliteone_800_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BB48E6-9FA5-42EB-8103-70F3DC6A9F47",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:eliteone_800_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDE1232-18B3-4A1B-920A-E55837860A4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1AC440-CAD3-443F-AE8C-746883597652",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9C5D12-EFE1-4B1D-A379-8CA94EBE2685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g6_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4CCB8E-1510-4FC9-AAB1-A8F794F941E7",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g6_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39406339-5379-48F1-B43A-C4EC1A511403",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g6_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D11DEF-BA68-45CA-A67A-09A9F7850C72",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g6_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45321F3E-4D78-43D0-B5A4-F0014BD5DA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_480_g6_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3835671-50C4-406A-8A53-B592842D979C",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_480_g6_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5894E5-272A-41E0-930F-6BCD676EAC68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC52335-0763-4435-A133-E1441DEA4CA8",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A62F98F9-C382-4878-8133-259DA7F551A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2040DAB5-553A-4342-897C-C9810DEBD35E",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8FEC79A-4486-4DB4-BCD9-CF38EF59D27A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_pci_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF685309-20EF-446F-AADA-77DAF482C52B",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_pci_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E8145-B314-4E49-9EA4-3E6EBCAD213B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE20576B-5D14-4225-BB74-A05CD11123FB",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "510DC086-AE58-4747-B0EF-05C83BC77361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_400_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E63D9-3EB7-45D4-8850-C1E70FD4724B",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_400_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "357231AD-5DA1-4BAD-84D5-C0148D9020DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_440_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "214964DF-FF9E-4AC6-AED3-B0C2214B557E",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_440_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90A6F231-197C-48F7-9A1B-BD23DFDEB575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_600_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B03189D-C82F-4E2B-B822-3F1CABE09635",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_600_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C04C17-60EB-446A-BEA0-D5AE7F066156",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elite_dragonfly_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "044131CF-A4A7-4C2B-906F-A9360051756A",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elite_dragonfly:-:*:*:*:*:*:*:*",
"matchCriteriaId": "119A1751-0FD4-4FA7-8681-CC82C4D47BFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elite_x2_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6E7759-9992-4855-B291-DC4CEA8DC987",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elite_x2_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72682A82-B694-4CE0-9B88-DCAAC8A6C8B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_830_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2992EDB-67D2-4649-B7C6-9B9BC29AC9D0",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_830_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8707F9-46CB-48F7-8CFA-EE90F44D5585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_836_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F69B-0B56-4271-9EA7-C7758A8B7FC6",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_836_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663E72B3-5986-434C-B395-43CF1A461A55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_840_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CF35B1-9BA8-494C-81E4-8DBA41E02233",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_840_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5091726-485B-4F0D-A451-8FA3FF10B952",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_840_g6_healthcare_edition_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E852C2-A935-47F1-B22A-E8BCB14AC2BB",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_840_g6_healthcare_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02654E2D-30A7-4A07-AD0A-10402AD2CD7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_846_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB80BBE-D94F-42D5-B84B-FE73B695A182",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_846_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AB963DD-777E-4FB8-844D-71BB14CBE08F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_846_g6_healthcare_edition_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE54E43C-E313-4BA9-A329-4639F5737E97",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_846_g6_healthcare_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49AF7550-3FA5-4C11-8F62-44192025D0A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_850_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7E9C89-0ABD-4D82-9071-72F486B24E73",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_850_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC02312C-289C-445B-8FC6-D5854EA44F87",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_1030_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8151B3-245D-4DF8-819B-15BE94322632",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_1030_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "201BF348-CDDE-4ED8-9339-0830AEE5B208",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_1040_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDCFB9E3-8976-490B-8D02-65A9BEF5C0E3",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_1040_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "485F527D-CED9-4865-BF19-0E474ED5C177",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_830_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E694FD28-1BB0-4B3F-9298-71103F30919A",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_830_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "707ACE08-2017-4A78-837F-BEBC02929E99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:probook_640_g5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9BAA2AE-FB22-4620-9378-175838DF0DF8",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:probook_640_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "657F2CA6-D464-466F-BB6F-11316D3E27DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:probook_650_g5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06D7EC1E-E07F-4D3C-BC52-BDA7B99C7558",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:probook_650_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F15254-6AF1-4495-B89F-F58084D11D36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_14u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E82F404-2902-420D-BB00-8EC47440AC21",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_14u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA294DB-2734-4C61-9075-49A2707CB482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_15u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "906E44BC-EF21-40BE-8815-EAA1397D5AD2",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_15u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A80149-6172-4C1A-946E-2CC5159AFD11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_x_13_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E66934BD-DB86-4D96-852C-52D43A2BFAB8",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_x_13_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5FBB0A-9A79-482F-9E59-2291712BD161",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_17u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27F84110-1D30-4A72-978F-103D5996021D",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_17u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D06E33A-ACA6-486F-9670-DD4DD83AA887",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02)."
},
{
"lang": "es",
"value": "Una potencial vulnerabilidad de seguridad con DMA previo al inicio puede permitir una ejecuci\u00f3n no autorizada de c\u00f3digo UEFI usando ataques de casos abiertos. Este problema de toda la industria requiere acceder f\u00edsicamente a los slots de expansi\u00f3n internos con herramientas de hardware y software especializadas para modificar el c\u00f3digo UEFI en la memoria. Esto afecta a HP Intel-based Business PCs que soportan la protecci\u00f3n DMA de Kernel de Microsoft Windows 10. Las versiones afectadas dependen de la plataforma (versiones anteriores a 01.04.02; o anteriores a 02.04.01; o anteriores a 02.04.02)."
}
],
"id": "CVE-2019-18913",
"lastModified": "2024-11-21T04:33:49.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-31T04:15:10.993",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06549501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06549501"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…