Lucene search

HP Product Security Response TeamHPSBHF03945

HistoryJun 11, 2024 - 12:00 a.m.

AMD SPI Lock Bypass June 2024 Security Update

2024-06-1100:00:00

HP Product Security Response Team

support.hp.com

amd

spi lock bypass

vulnerability

firmware updates

hp platforms

arbitrary code execution

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

AMD has informed HP of a potential weakness in AMD SPI protection features, which might allow arbitrary code execution. AMD is releasing firmware updates and HP is enabling AMD ROM Armor to mitigate these vulnerabilities.

AMD has released updates to mitigate the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerability. See the affected platforms listed below.

Affected configurations

Vulners

Node

hpelitebook_645_14_inch_g9_notebook_pcRange<01.15.01

hpelitebook_655_15.6_inch_g9_notebook_pcRange<01.15.01

hpelitebook_735_g6Range<01.27.00

hpelitebook_745_g6Range<01.27.00

hpelitebook_835_13_inch_g9_notebook_pcRange<01.09.03

hpelitebook_835_g7Range<P

hpelitebook_835_g8Range<P

hpelitebook_845_14_inch_g9_notebook_pcRange<01.09.03

hpelitebook_845_g7Range<P

hpelitebook_845_g8Range<P

hpelitebook_855_g7Range<P

hpelitebook_855_g8Range<P

hpelitebook_865_16_inch_g9_notebook_pcRange<01.09.03

hpelitebook_830_13.3_inch_g9_notebook_pcRange<01.15.01

hpprobook_445_14_inch_g9_notebook_pcRange<01.15.01

hpprobook_445_g7Range<P

hpprobook_445_g8Range<P

hpprobook_445r_g6Range<01.28.00

hpprobook_455_15.6_inch_g9_notebook_pcRange<01.15.01

hpprobook_455_g7Range<P

hpprobook_455_g8Range<P

hpprobook_455r_g6Range<01.28.00

hpprobook_635_aero_g7Range<P

hpprobook_635_aero_g8Range<P

hpprobook_x360_435_g7Range<01.17.01

hpprobook_x360_435_g8_notebook_pcRange<01.17.00

hpzhan_66_pro_a_14_g3Range<P

hpzhan_66_pro_a_14_g4_notebook_pcRange<P

hpzhan_66_pro_a_14_g5_notebook_pcRange<01.15.01

hpelitedesk_805_g6_desktop_mini_pcRange<02.15.01

hpelitedesk_805_g6_small_form_factor_pcRange<02.15.01

hpelitedesk_805_g8_desktop_mini_pcRange<02.12.01

hpelitedesk_805_g8_small_form_factor_pcRange<02.12.01

hpprodesk_405_g6_desktop_mini_pcRange<02.15.01

hpprodesk_405_g6_small_form_factor_pcRange<02.15.01

hpprodesk_405_g8_desktop_mini_pcRange<02.12.01

hpprodesk_405_g8_small_form_factor_pcRange<02.12.01

hplaptop_14-bp0xxRange<F.18

hplaptop_14s-bc0xxRange<F.18

hplaptop_15-bs0xxRange<F.18

hplaptop_15s-dr0xxxRange<F.18

hplaptop_15-bs0xxRange<F.11

hplaptop_17-ak0xxRange<F.13

hpenvy_15-cn0xxx_x360Range<F.08

hpenvy_x360_-_15t-cn000Range<F.16

hpenvy_15-cn0xxx_x360Range<F.07

hpenvy_15-cn0xxx_x360Range<F.08

hppavilion_gaming_15-ec1xxxRange<F.09

hphp_pavilion_14-n000Range<F.06

hppavilion_15Range<F.09

hppavilion_15Range<F.05

hppavilion_laptop_13-an0xxxRange<F.11

hppavilion_laptop_13-an0xxxRange<F.20

hpomen_gaming_16-b0xxxRange<F.20

hpvictus_gaming_16-d0xxxRange<F.06

hpvictus_gaming_16-d0xxxRange<F.20

hpelitebook_845_14_inch_g9_notebook_pcRange<F.13

hpelitebook_650_15.6_inch_g9_notebook_pcRange<F.15

hp255_g10Range<F.11

hpzhan_66_pro_14_inch_g5_notebook_pcRange<F.06

hpzhan_99_g4_mobile_workstationRange<F.11

hpeliteone_800_g6_24_all-in-one_pcRange<F.19

hpeliteone_800_g6_24_all-in-one_pcRange<F.10

hpeliteone_800_g6_24_all-in-one_pcRange<F.11

hpeliteone_870_27_inch_g9_all-in-one_desktop_pcRange<F.19

hpeliteone_870_27_inch_g9_all-in-one_desktop_pcRange<F.10

hpeliteone_870_27_inch_g9_all-in-one_desktop_pcRange<F.11

hpcompaq_dc7600_desktop_pcRange<F.22

hpeliteone_800_g6_24_all-in-one_pcRange<F.19

hpeliteone_800_g6_27_all-in-one_pcRange<F.19

hpomen_desktop_40l_gt21-0xxxRange<F.15

hpvictus_gaming_16-d0xxxRange<F.22

hp205_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)Range<F.19

hp205_pro_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)Range<F.19

hpproone_440_23.8_inch_g9_all-in-one_desktop_pcRange<F.10

hpproone_440_23.8_inch_g9_all-in-one_desktop_pcRange<F.11

hpzhan_66_pro_g3_22_all-in-one_pcRange<F.19

CPENameOperatorVersion
hp elitebook 645 14 inch g9 notebook pclt01.15.01
hp elitebook 655 15.6 inch g9 notebook pclt01.15.01
hp elitebook 735 g6lt01.27.00
hp elitebook 745 g6lt01.27.00
hp elitebook 835 13 inch g9 notebook pclt01.09.03
hp elitebook 835 g7ltP
hp elitebook 835 g8ltP
hp elitebook 845 14 inch g9 notebook pclt01.09.03
hp elitebook 845 g7ltP
hp elitebook 845 g8ltP

Name	Operator	Version
hp elitebook 645 14 inch g9 notebook pc	lt	01.15.01
hp elitebook 655 15.6 inch g9 notebook pc	lt	01.15.01
hp elitebook 735 g6	lt	01.27.00
hp elitebook 745 g6	lt	01.27.00
hp elitebook 835 13 inch g9 notebook pc	lt	01.09.03
hp elitebook 835 g7	lt	P
hp elitebook 835 g8	lt	P
hp elitebook 845 14 inch g9 notebook pc	lt	01.09.03
hp elitebook 845 g7	lt	P
hp elitebook 845 g8	lt	P

Rows per page:

1-10 of 841

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for HPSBHF03945