Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hpHP Product Security Response TeamHPSBHF03907
HistoryFeb 13, 2024 - 12:00 a.m.

Physical bypass of certain HP TamperLock features

2024-02-1300:00:00
HP Product Security Response Team
support.hp.com
15
physical attack
hp tamperlock
desktop workstation
cve-2022-48219
bios updates
intrusion detection

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.

Desktop Workstation mitigation for CVE-2022-48219 and CVE-2022-48220 has been released in the recommended BIOS updates (or later) identified in the following table.

Affected configurations

Vulners
Node
hpelite_mini_600_g9_desktop_pcRange<02.12.02
OR
hpelite_mini_800_g9_desktop_pcRange<02.12.02
OR
hphp_prodesk_600_g2_desktop_mini_pcRange<02.12.02
OR
hphp_elitedesk_800_g5_desktop_mini_pcRange<02.12.02
OR
hphp_z1_g8_tower_desktop_pcRange<02.12.02
OR
hphp_z1_g8_tower_desktop_pcRange<02.12.02
OR
hphp_elitedesk_800_g4_tower_pcRange<02.12.02
OR
hphp_elitedesk_880_g4_tower_pcRange<02.12.02
OR
hphp_elitedesk_800_g8_desktop_mini_pcRange<02.14.00
OR
hphp_elitedesk_800_g8_small_form_factor_pcRange<02.14.00
OR
hphp_elitedesk_800_g8_tower_pcRange<02.14.00
OR
hphp_elitedesk_880_g8_tower_pcRange<02.14.00
OR
hphp_eliteone_800_g8_24_all-in-one_pcRange<02.14.00
OR
hphp_eliteone_800_g8_27_all-in-one_pcRange<02.14.00
OR
hpmini_conferencing_pc_with_zoom_roomsRange<02.12.02
OR
hphp_260_g4_desktop_mini_pcRange<2.14
OR
hphp_prodesk_400_g2_desktop_mini_pcRange<02.12.02
OR
hphp_desktop_pro_microtower_pcRange<02.12.02
OR
hphp_z1_g8_tower_desktop_pcRange<02.12.02
OR
hphp_z1_g8_tower_desktop_pcRange<02.12.02
OR
hphp_z1_g8_tower_desktop_pcRange<02.14.00
OR
hphp_z1_g8_tower_desktop_pcRange<02.12.02
OR
hphp_z2_mini_g4_workstationRange<02.02.02
OR
hphp_z2_mini_g4_workstationRange<02.02.02
OR
hphp_z2_small_form_factor_g8_workstationRange<01.06.05
OR
hphp_z2_small_form_factor_g8_workstationRange<01.06.05
OR
hphp_z2_small_form_factor_g4_workstationRange<02.02.02
OR
hphp_z2_small_form_factor_g4_workstationRange<02.02.02
OR
hphp_z2_tower_g8_workstationRange<01.06.05
OR
hphp_z2_tower_g8_workstationRange<01.06.05
OR
hphp_z2_tower_g4_workstationRange<02.02.02
OR
hphp_z2_tower_g4_workstationRange<02.02.02

Related

cve 2
prion 2
vulnrichment 1
nvd 2
cvelist 2
cve
cve
CVE-2022-48220
2024-02-14 23:15:08
CVE-2022-48219
2024-02-14 23:15:07
prion
prion
Design/Logic Flaw
2024-02-14 23:15:00
Design/Logic Flaw
2024-02-14 23:15:00
vulnrichment
vulnrichment
CVE-2022-48220
2024-02-14 22:21:08
nvd
nvd
CVE-2022-48219
2024-02-14 23:15:07
CVE-2022-48220
2024-02-14 23:15:08
cvelist
cvelist
CVE-2022-48219
2024-02-14 22:20:04
CVE-2022-48220
2024-02-14 22:21:08

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for HPSBHF03907
cve2prion2vulnrichment1nvd2cvelist2