CVE-2020-15596

The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
hpelite_x2_1012_g1_firmware
𝑥
< 8.2206.1717.166
hpelite_x2_1012_g2_firmware
𝑥
< 8.2206.1717.634
hpelitebook_1030_g1_firmware
𝑥
< 8.2206.1717.166
hpelitebook_1040_g4_firmware
𝑥
< 8.2206.1717.634
hpelitebook_folio_1040_g3_firmware
𝑥
< 8.2206.1717.166
hpelitebook_folio_g1_firmware
𝑥
< 8.2206.1717.166
hpelitebook_revolve_810_g2_firmware
𝑥
< 10.1201.1717.108
hpelitebook_revolve_810_g3_firmware
𝑥
< 10.1201.1717.108
hpelitebook_x360_1020_g2_firmware
𝑥
< 8.2206.1717.634
hpelitebook_x360_1030_g2_firmware
𝑥
< 8.2206.1717.634
hppro_x2_612_g2_firmware
𝑥
< 8.2206.1717.634
hpzbook_studio_g3_firmware
𝑥
< 8.2206.1717.166
hpzbook_studio_g4_firmware
𝑥
< 8.2206.1717.634
hpzbook_x2_g4_firmware
𝑥
< 8.2206.1717.634
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://seclists.org/fulldisclosure/2020/Jul/30
https://support.hp.com/document/c06706305
https://seclists.org/fulldisclosure/2020/Jul/30
https://support.hp.com/document/c06706305