Lucene search

[email protected]NVD:CVE-2019-16284

HistoryNov 05, 2019 - 9:15 p.m.

CVE-2019-16284

2019-11-0521:15:13

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

43.1%

JSON

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.

Affected configurations

Nvd

Node

hp260_g1_dm_firmwareRange<2.27

AND

hp260_g1_dmMatch-

Node

hp280_pro_g1_firmwareRange<80.3

AND

hp280_pro_g1Match-

Node

hp285_g2_firmwareRange<a0.23

AND

hp285_g2Match-

Node

hp340_g3_firmwareRange<f.48

AND

hp340_g3Match-

Node

hp340_g4_firmwareRange<f.55

AND

hp340_g4Match-

Node

hp346_g3_firmwareRange<f.48

AND

hp346_g3Match-

Node

hp346_g4_firmwareRange<f.46

AND

hp346_g4Match-

Node

hp348_g3_firmwareRange<f.48

AND

hp348_g3Match-

Node

hp348_g4_firmwareRange<f.55

AND

hp348_g4Match-

Node

hpelite_slice_firmwareRange<2.42

AND

hpelite_sliceMatch-

Node

hpelite_x2_1011_g1Match-

AND

hpelite_x2_1011_g1_firmwareRange<1.27

Node

hpelite_x2_1012_g1Match-

AND

hpelite_x2_1012_g1_firmwareRange<1.42

Node

hpelitebook_1030_g1Match-

AND

hpelitebook_1030_g1_firmwareRange<1.42

Node

hpelitebook_1040_g2Match-

AND

hpelitebook_1040_g2_firmwareRange<1.17

Node

hpelitebook_720_g1_Match-

AND

hpelitebook_720_g1__firmwareRange<1.48

Node

hpelitebook_720_g2Match-

AND

hpelitebook_720_g2_firmwareRange<1.29

Node

hpelitebook_740_g1Match-

AND

hpelitebook_740_g1_firmwareRange<1.48

Node

hpelitebook_740_g2Match-

AND

hpelitebook_740_g2_firmwareRange<1.29

Node

hpelitebook_750_g1_firmwareRange<1.48

AND

hpelitebook_750_g1Match-

Node

hpelitebook_750_g2_firmwareRange<1.29

AND

hpelitebook_750_g2Match-

Node

hpelitebook_820_g1_firmwareRange<1.48

AND

hpelitebook_820_g1Match-

Node

hpelitebook_820_g2_firmwareRange<1.29

AND

hpelitebook_820_g2Match-

Node

hpelitebook_820_g3_firmwareRange<1.42

AND

hpelitebook_820_g3Match-

Node

hpelitebook_828_g3_firmwareRange<1.42

AND

hpelitebook_828_g3Match-

Node

hpelitebook_840_g1_firmwareRange<1.48

AND

hpelitebook_840_g1Match-

Node

hpelitebook_840_g2_firmwareRange<1.29

AND

hpelitebook_840_g2Match-

Node

hpelitebook_840_g3_firmwareRange<1.42

AND

hpelitebook_840_g3Match-

Node

hpelitebook_848_g3_firmwareRange<1.42

AND

hpelitebook_848_g3Match-

Node

hpelitebook_850_g1_firmwareRange<1.48

AND

hpelitebook_850_g1Match-

Node

hpelitebook_850_g2_firmwareRange<1.29

AND

hpelitebook_850_g2Match-

Node

hpelitebook_850_g3_firmwareRange<1.42

AND

hpelitebook_850_g3Match-

Node

hpelitebook_folio_1020_g1_firmwareRange<1.24-

AND

hpelitebook_folio_1020_g1Match--

Node

hpelitebook_folio_1020_g1_firmwareRange<1.24special

AND

hpelitebook_folio_1020_g1Match-special

Node

hpelitebook_folio_1040_g1_firmwareRange<1.44

AND

hpelitebook_folio_1040_g1Match-

Node

hpelitebook_folio_1040_g3_firmwareRange<1.42

AND

hpelitebook_folio_1040_g3Match-

Node

hpelitebook_folio_9480m_firmwareRange<1.49

AND

hpelitebook_folio_9480mMatch-

Node

hpelitebook_folio_g1_firmwareRange<1.42

AND

hpelitebook_folio_g1Match-

Node

hpelitebook_revolve_810_g2_firmwareRange<1.45

AND

hpelitebook_revolve_810_g2Match-

Node

hpelitebook_revolve_810_g3_firmwareRange<1.2

AND

hpelitebook_revolve_810_g3Match-

Node

hpelitedesk_800_g2_dm_firmwareRange<2.42

AND

hpelitedesk_800_g2_dmMatch-

Node

hpelitedesk_800_g2_sff_firmwareRange<2.42

AND

hpelitedesk_800_g2_sffMatch-

Node

hpelitedesk_800_g2_twr_firmwareRange<2.42

AND

hpelitedesk_800_g2_twrMatch-

Node

hpeliteone_800_g2_aio_firmwareRange<2.42

AND

hpeliteone_800_g2_aioMatch-

Node

hpelitepad_1000_g2_firmwareRange<1.48

AND

hpelitepad_1000_g2Match-

Node

hpmp9_g2_retail_system_firmwareRange<2.42

AND

hpmp9_g2_retail_systemMatch-

Node

hppro_tablet_10_ee_g1_firmwareRange<1.31

AND

hppro_tablet_10_ee_g1Match-

Node

hppro_tablet_608_g1_firmwareRange<1.21

AND

hppro_tablet_608_g1Match-

Node

hppro_tablet_610_g1_firmwareRange<f.16

AND

hppro_tablet_610_g1Match-

Node

hppro_x2_612_g1_firmwareRange<1.48

AND

hppro_x2_612_g1Match-

Node

hpprobook_11_g1_firmwareRange<1.17education

AND

hpprobook_11_g1Match-education

Node

hpprobook_11_g2_firmwareRange<1.42education

AND

hpprobook_11_g2Match-education

Node

hpprobook_430_g1_firmwareRange<1.49

AND

hpprobook_430_g1Match-

Node

hpprobook_430_g2_firmwareRange<1.52

AND

hpprobook_430_g2Match-

Node

hpprobook_430_g3_firmwareRange<1.42

AND

hpprobook_430_g3Match-

Node

hpprobook_440_g1_firmwareRange<1.49

AND

hpprobook_440_g1Match-

Node

hpprobook_440_g2_firmwareRange<1.52

AND

hpprobook_440_g2Match-

Node

hpprobook_440_g3_firmwareRange<1.42

AND

hpprobook_440_g3Match-

Node

hpprobook_450_g1_firmwareRange<1.49

AND

hpprobook_450_g1Match-

Node

hpprobook_450_g2_firmwareRange<1.52

AND

hpprobook_450_g2Match-

Node

hpprobook_450_g3_firmwareRange<1.42

AND

hpprobook_450_g3Match-

Node

hpprobook_470_g1_firmwareRange<1.49

AND

hpprobook_470_g1Match-

Node

hpprobook_470_g2_firmwareRange<1.52

AND

hpprobook_470_g2Match-

Node

hpprobook_470_g3_firmwareRange<1.42

AND

hpprobook_470_g3Match-

Node

hpprobook_640_g1_firmwareRange<1.49

AND

hpprobook_640_g1Match-

Node

hpprobook_640_g2_firmwareRange<1.42

AND

hpprobook_640_g2Match-

Node

hpprobook_650_g1_firmwareRange<1.49

AND

hpprobook_650_g1Match-

Node

hpprobook_650_g2_firmwareRange<1.42

AND

hpprobook_650_g2Match-

Node

hpprobook_x360_11_g1_firmwareRange<1.3education

AND

hpprobook_x360_11_g1Match-education

Node

hpprodesk_400_g1_dm_firmwareRange<2.27

AND

hpprodesk_400_g1_dmMatch-

Node

hpprodesk_400_g2_dm_firmwareRange<2.42

AND

hpprodesk_400_g2_dmMatch-

Node

hpprodesk_400_g2.5_sff_firmwareRange<2.26

AND

hpprodesk_400_g2.5_sffMatch-

Node

hpprodesk_400_g3_sff_firmwareRange<2.42

AND

hpprodesk_400_g3_sffMatch-

Node

hpprodesk_405_g2_mt_firmwareRange<2.29

AND

hpprodesk_405_g2_mtMatch-

Node

hpprodesk_485_g2_mt_firmwareRange<2.29

AND

hpprodesk_485_g2_mtMatch-

Node

hpprodesk_480_g3_sff_firmwareRange<2.42

AND

hpprodesk_480_g3_sffMatch-

Node

hpprodesk_490_g2_mt_firmwareRange<2.31

AND

hpprodesk_490_g2_mtMatch-

Node

hpprodesk_490_g3_sff_firmwareRange<2.42

AND

hpprodesk_490_g3_sffMatch-

Node

hpprodesk_498_g2_mt_firmwareRange<2.31

AND

hpprodesk_498_g2_mtMatch-

Node

hpprodesk_498_g3_sff_firmwareRange<2.42

AND

hpprodesk_498_g3_sffMatch-

Node

hpprodesk_600_g2_dm_firmwareRange<2.42

AND

hpprodesk_600_g2_dmMatch-

Node

hpprodesk_600_g2_sff_firmwareRange<2.42

AND

hpprodesk_600_g2_sffMatch-

Node

hpproone_400_g2_aio_firmwareRange<2.42

AND

hpproone_400_g2_aioMatch-

Node

hpproone_600_g2_aio_firmwareRange<2.42

AND

hpproone_600_g2_aioMatch-

Node

hprp2_retail_system_firmwareRange<2.21

AND

hprp2_retail_systemMatch-

Node

hprp9_g1_retail_system_9015_firmwareRange<2.42

AND

hprp9_g1_retail_system_9015Match-

Node

hprp9_g1_retail_system_9018_firmwareRange<2.42

AND

hprp9_g1_retail_system_9018Match-

Node

hpzbook_14_g2_firmwareRange<1.29

AND

hpzbook_14_g2Match-

Node

hpzbook_14_firmwareRange<1.48

AND

hpzbook_14Match-

Node

hpzbook_15_g2_firmwareRange<1.25

AND

hpzbook_15_g2Match-

Node

hpzbook_15_g3_firmwareRange<1.42

AND

hpzbook_15_g3Match-

Node

hpzbook_15_firmwareRange<1.46

AND

hpzbook_15Match-

Node

hpzbook_15u_g2_firmwareRange<1.29

AND

hpzbook_15u_g2Match-

Node

hpzbook_15u_g3_firmwareRange<1.42

AND

hpzbook_15u_g3Match-

Node

hpzbook_17_g2_firmwareRange<1.25

AND

hpzbook_17_g2Match-

Node

hpzbook_17_g3_firmwareRange<1.42

AND

hpzbook_17_g3Match-

Node

hpzbook_17_firmwareRange<1.46

AND

hpzbook_17Match-

Node

hpzbook_studio_g3_firmwareRange<1.42

AND

hpzbook_studio_g3Match-

Node

hpz1_g3_firmwareRange<1.26

AND

hpz1_g3Match-

Node

hpz2_mini_g3_firmwareRange<1.77

AND

hpz2_mini_g3Match-

Node

hpz238_microtower_firmwareRange<1.77

AND

hpz238_microtowerMatch-

Node

hpz240_sff_firmwareRange<1.77

AND

hpz240_sffMatch-

Node

hpz240_tower_firmwareRange<1.77

AND

hpz240_towerMatch-

Node

hpsprout_pro_firmwareRange<a0.14

AND

hpsprout_proMatch-

VendorProductVersionCPE
hp260_g1_dm_firmware*cpe:2.3:o:hp:260_g1_dm_firmware:*:*:*:*:*:*:*:*
hp260_g1_dm-cpe:2.3:h:hp:260_g1_dm:-:*:*:*:*:*:*:*
hp280_pro_g1_firmware*cpe:2.3:o:hp:280_pro_g1_firmware:*:*:*:*:*:*:*:*
hp280_pro_g1-cpe:2.3:h:hp:280_pro_g1:-:*:*:*:*:*:*:*
hp285_g2_firmware*cpe:2.3:o:hp:285_g2_firmware:*:*:*:*:*:*:*:*
hp285_g2-cpe:2.3:h:hp:285_g2:-:*:*:*:*:*:*:*
hp340_g3_firmware*cpe:2.3:o:hp:340_g3_firmware:*:*:*:*:*:*:*:*
hp340_g3-cpe:2.3:h:hp:340_g3:-:*:*:*:*:*:*:*
hp340_g4_firmware*cpe:2.3:o:hp:340_g4_firmware:*:*:*:*:*:*:*:*
hp340_g4-cpe:2.3:h:hp:340_g4:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	260_g1_dm_firmware	*	cpe:2.3:o:hp:260_g1_dm_firmware::::::::
hp	260_g1_dm	-	cpe:2.3:h:hp:260_g1_dm:-:::::::*
hp	280_pro_g1_firmware	*	cpe:2.3:o:hp:280_pro_g1_firmware::::::::
hp	280_pro_g1	-	cpe:2.3:h:hp:280_pro_g1:-:::::::*
hp	285_g2_firmware	*	cpe:2.3:o:hp:285_g2_firmware::::::::
hp	285_g2	-	cpe:2.3:h:hp:285_g2:-:::::::*
hp	340_g3_firmware	*	cpe:2.3:o:hp:340_g3_firmware::::::::
hp	340_g3	-	cpe:2.3:h:hp:340_g3:-:::::::*
hp	340_g4_firmware	*	cpe:2.3:o:hp:340_g4_firmware::::::::
hp	340_g4	-	cpe:2.3:h:hp:340_g4:-:::::::*

Rows per page:

1-10 of 2061

References

support.hp.com/rs-en/document/c06456250

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

43.1%

JSON

Related for NVD:CVE-2019-16284

cve1 cvelist1 prion1 hp1