CVE-2019-6322

EUVD-2019-15887
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
Affected Products (NVD)
VendorProductVersion
hpz4_g4_workstation_firmware
𝑥
< 1.70
hpz4_g4_core-x_workstation_firmware
𝑥
< 1.70
hpz6_g4_workstation_firmware
𝑥
< 1.71
hpz8_g4_workstation_firmware
𝑥
< 1.71
hpz4_g4_workstation_firmware
𝑥
< 1.70
hpz4_g4_core-x_workstation_firmware
𝑥
< 1.70
hpz6_g4_workstation_firmware
𝑥
< 1.71
hpz8_g4_workstation_firmware
𝑥
< 1.71
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hp.com/us-en/document/c06318199
https://support.hp.com/us-en/document/c06318199