CVE-2019-6321

EUVD-2019-15886
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
hpz4_g4_workstation_firmware
𝑥
< 1.70
hpz4_g4_core-x_workstation_firmware
𝑥
< 1.70
hpz6_g4_workstation_firmware
𝑥
< 1.71
hpz8_g4_workstation_firmware
𝑥
< 1.71
hpz4_g4_workstation_firmware
𝑥
< 1.70
hpz4_g4_core-x_workstation_firmware
𝑥
< 1.70
hpz6_g4_workstation_firmware
𝑥
< 1.71
hpz8_g4_workstation_firmware
𝑥
< 1.71
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hp.com/us-en/document/c06318199
https://support.hp.com/us-en/document/c06318199