CVE-2019-6322

Summary

HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.

Affected Software

VendorProductVersion RangeStatus
n/aHP Z4 G4 Workstation (Xeon W)before 1.70affected
n/aHP Z4 G4 Workstation (Xeon W) (Linux)before 1.70affected
n/aHP Z4 G4 Core-X Workstationbefore 1.70affected
n/aHP Z4 G4 Core-X Workstation (Linux)before 1.70affected
n/aHP Z6 G4 Workstationbefore 1.71affected
n/aHP Z6 G4 Workstation (Linux)before 1.71affected
n/aHP Z8 G4 Workstationbefore 1.71affected
n/aHP Z8 G4 Workstation (Linux)before 1.71affected

Weaknesses

  • Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity

ADP Enrichment

CVE Program Container

Additional References

References