HP Desktop PCs Vulnerable to Physical Attack Bypass
CVE-2022-48219

6.4MEDIUM

Key Information:

Vendor: HP
Status: Certain HP Desktop Pc Products
Vendor: CVE Published:; 14 February 2024

Summary

A vulnerability has been identified in specific HP Desktop PC products that utilize the HP TamperLock feature. This issue may enable an attacker to bypass the intrusion detection mechanisms through a physical attack. HP has recognized these potential vulnerabilities and is actively working to address them by releasing necessary firmware updates and providing guidance for users to mitigate associated risks.

Affected Version(s)

Certain HP Desktop PC products See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_10170895-101709...

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Jan 5, 2023