fkie_cve-2019-18913
Vulnerability from fkie_nvd
Published
2020-01-31 04:15
Modified
2024-11-21 04:33
Severity ?
Summary
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/c06549501 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/c06549501 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3285E736-3B13-4CED-8BF4-CD4E5275A3BA",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "296E9536-C541-45A7-8EBB-A4DBFAA20775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3E2A36-2189-462B-94BE-94AFE5C351B2",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0FF23D-0FAF-4D4C-A84E-C5DF0739F442",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitedesk_800_g5_twr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0877432B-4344-440E-A36C-83D1216B4E1E",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitedesk_800_g5_twr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A968FB5-B706-4D83-9827-0EAF65AA8E74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:eliteone_800_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BB48E6-9FA5-42EB-8103-70F3DC6A9F47",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:eliteone_800_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDE1232-18B3-4A1B-920A-E55837860A4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1AC440-CAD3-443F-AE8C-746883597652",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9C5D12-EFE1-4B1D-A379-8CA94EBE2685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g6_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4CCB8E-1510-4FC9-AAB1-A8F794F941E7",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g6_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39406339-5379-48F1-B43A-C4EC1A511403",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_400_g6_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D11DEF-BA68-45CA-A67A-09A9F7850C72",
"versionEndExcluding": "02.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_400_g6_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45321F3E-4D78-43D0-B5A4-F0014BD5DA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_480_g6_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3835671-50C4-406A-8A53-B592842D979C",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_480_g6_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5894E5-272A-41E0-930F-6BCD676EAC68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_dm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC52335-0763-4435-A133-E1441DEA4CA8",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A62F98F9-C382-4878-8133-259DA7F551A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2040DAB5-553A-4342-897C-C9810DEBD35E",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8FEC79A-4486-4DB4-BCD9-CF38EF59D27A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_pci_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF685309-20EF-446F-AADA-77DAF482C52B",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_pci_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E8145-B314-4E49-9EA4-3E6EBCAD213B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:prodesk_600_g5_sff_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE20576B-5D14-4225-BB74-A05CD11123FB",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:prodesk_600_g5_sff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "510DC086-AE58-4747-B0EF-05C83BC77361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_400_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E63D9-3EB7-45D4-8850-C1E70FD4724B",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_400_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "357231AD-5DA1-4BAD-84D5-C0148D9020DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_440_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "214964DF-FF9E-4AC6-AED3-B0C2214B557E",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_440_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90A6F231-197C-48F7-9A1B-BD23DFDEB575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_600_g5_aio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B03189D-C82F-4E2B-B822-3F1CABE09635",
"versionEndExcluding": "02.04.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_600_g5_aio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C04C17-60EB-446A-BEA0-D5AE7F066156",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elite_dragonfly_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "044131CF-A4A7-4C2B-906F-A9360051756A",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elite_dragonfly:-:*:*:*:*:*:*:*",
"matchCriteriaId": "119A1751-0FD4-4FA7-8681-CC82C4D47BFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elite_x2_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6E7759-9992-4855-B291-DC4CEA8DC987",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elite_x2_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72682A82-B694-4CE0-9B88-DCAAC8A6C8B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_830_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2992EDB-67D2-4649-B7C6-9B9BC29AC9D0",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_830_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8707F9-46CB-48F7-8CFA-EE90F44D5585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_836_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F69B-0B56-4271-9EA7-C7758A8B7FC6",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_836_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663E72B3-5986-434C-B395-43CF1A461A55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_840_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CF35B1-9BA8-494C-81E4-8DBA41E02233",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_840_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5091726-485B-4F0D-A451-8FA3FF10B952",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_840_g6_healthcare_edition_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E852C2-A935-47F1-B22A-E8BCB14AC2BB",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_840_g6_healthcare_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02654E2D-30A7-4A07-AD0A-10402AD2CD7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_846_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB80BBE-D94F-42D5-B84B-FE73B695A182",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_846_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AB963DD-777E-4FB8-844D-71BB14CBE08F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_846_g6_healthcare_edition_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE54E43C-E313-4BA9-A329-4639F5737E97",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_846_g6_healthcare_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49AF7550-3FA5-4C11-8F62-44192025D0A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_850_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7E9C89-0ABD-4D82-9071-72F486B24E73",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_850_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC02312C-289C-445B-8FC6-D5854EA44F87",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_1030_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8151B3-245D-4DF8-819B-15BE94322632",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_1030_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "201BF348-CDDE-4ED8-9339-0830AEE5B208",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_1040_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDCFB9E3-8976-490B-8D02-65A9BEF5C0E3",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_1040_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "485F527D-CED9-4865-BF19-0E474ED5C177",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:elitebook_x360_830_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E694FD28-1BB0-4B3F-9298-71103F30919A",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:elitebook_x360_830_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "707ACE08-2017-4A78-837F-BEBC02929E99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:probook_640_g5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9BAA2AE-FB22-4620-9378-175838DF0DF8",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:probook_640_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "657F2CA6-D464-466F-BB6F-11316D3E27DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:probook_650_g5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06D7EC1E-E07F-4D3C-BC52-BDA7B99C7558",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:probook_650_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F15254-6AF1-4495-B89F-F58084D11D36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_14u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E82F404-2902-420D-BB00-8EC47440AC21",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_14u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA294DB-2734-4C61-9075-49A2707CB482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_15u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "906E44BC-EF21-40BE-8815-EAA1397D5AD2",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_15u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A80149-6172-4C1A-946E-2CC5159AFD11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_x_13_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E66934BD-DB86-4D96-852C-52D43A2BFAB8",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_x_13_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5FBB0A-9A79-482F-9E59-2291712BD161",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zbook_17u_g6_mobile_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27F84110-1D30-4A72-978F-103D5996021D",
"versionEndExcluding": "01.04.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zbook_17u_g6_mobile_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D06E33A-ACA6-486F-9670-DD4DD83AA887",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02)."
},
{
"lang": "es",
"value": "Una potencial vulnerabilidad de seguridad con DMA previo al inicio puede permitir una ejecuci\u00f3n no autorizada de c\u00f3digo UEFI usando ataques de casos abiertos. Este problema de toda la industria requiere acceder f\u00edsicamente a los slots de expansi\u00f3n internos con herramientas de hardware y software especializadas para modificar el c\u00f3digo UEFI en la memoria. Esto afecta a HP Intel-based Business PCs que soportan la protecci\u00f3n DMA de Kernel de Microsoft Windows 10. Las versiones afectadas dependen de la plataforma (versiones anteriores a 01.04.02; o anteriores a 02.04.01; o anteriores a 02.04.02)."
}
],
"id": "CVE-2019-18913",
"lastModified": "2024-11-21T04:33:49.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-31T04:15:10.993",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06549501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06549501"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.