CVE-2019-18913
Severity Score
6.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02).
Una potencial vulnerabilidad de seguridad con DMA previo al inicio puede permitir una ejecución no autorizada de código UEFI usando ataques de casos abiertos. Este problema de toda la industria requiere acceder físicamente a los slots de expansión internos con herramientas de hardware y software especializadas para modificar el código UEFI en la memoria. Esto afecta a HP Intel-based Business PCs que soportan la protección DMA de Kernel de Microsoft Windows 10. Las versiones afectadas dependen de la plataforma (versiones anteriores a 01.04.02; o anteriores a 02.04.01; o anteriores a 02.04.02).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-11-12 CVE Reserved
- 2020-01-31 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.hp.com/us-en/document/c06549501 | 2020-08-24 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | Elitedesk 800 G5 Dm Firmware Search vendor "Hp" for product "Elitedesk 800 G5 Dm Firmware" | < 02.04.02 Search vendor "Hp" for product "Elitedesk 800 G5 Dm Firmware" and version " < 02.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitedesk 800 G5 Dm Search vendor "Hp" for product "Elitedesk 800 G5 Dm" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitedesk 800 G5 Sff Firmware Search vendor "Hp" for product "Elitedesk 800 G5 Sff Firmware" | < 02.04.02 Search vendor "Hp" for product "Elitedesk 800 G5 Sff Firmware" and version " < 02.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitedesk 800 G5 Sff Search vendor "Hp" for product "Elitedesk 800 G5 Sff" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitedesk 800 G5 Twr Firmware Search vendor "Hp" for product "Elitedesk 800 G5 Twr Firmware" | < 02.04.02 Search vendor "Hp" for product "Elitedesk 800 G5 Twr Firmware" and version " < 02.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitedesk 800 G5 Twr Search vendor "Hp" for product "Elitedesk 800 G5 Twr" | - | - |
Safe
|
| Hp Search vendor "Hp" | Eliteone 800 G5 Aio Firmware Search vendor "Hp" for product "Eliteone 800 G5 Aio Firmware" | < 02.04.02 Search vendor "Hp" for product "Eliteone 800 G5 Aio Firmware" and version " < 02.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Eliteone 800 G5 Aio Search vendor "Hp" for product "Eliteone 800 G5 Aio" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 400 G5 Dm Firmware Search vendor "Hp" for product "Prodesk 400 G5 Dm Firmware" | < 02.04.01 Search vendor "Hp" for product "Prodesk 400 G5 Dm Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 400 G5 Dm Search vendor "Hp" for product "Prodesk 400 G5 Dm" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 400 G6 Mt Firmware Search vendor "Hp" for product "Prodesk 400 G6 Mt Firmware" | < 02.04.01 Search vendor "Hp" for product "Prodesk 400 G6 Mt Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 400 G6 Mt Search vendor "Hp" for product "Prodesk 400 G6 Mt" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 400 G6 Sff Firmware Search vendor "Hp" for product "Prodesk 400 G6 Sff Firmware" | < 02.04.02 Search vendor "Hp" for product "Prodesk 400 G6 Sff Firmware" and version " < 02.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 400 G6 Sff Search vendor "Hp" for product "Prodesk 400 G6 Sff" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 480 G6 Mt Firmware Search vendor "Hp" for product "Prodesk 480 G6 Mt Firmware" | < 02.04.01 Search vendor "Hp" for product "Prodesk 480 G6 Mt Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 480 G6 Mt Search vendor "Hp" for product "Prodesk 480 G6 Mt" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 600 G5 Dm Firmware Search vendor "Hp" for product "Prodesk 600 G5 Dm Firmware" | < 02.04.01 Search vendor "Hp" for product "Prodesk 600 G5 Dm Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 600 G5 Dm Search vendor "Hp" for product "Prodesk 600 G5 Dm" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 600 G5 Mt Firmware Search vendor "Hp" for product "Prodesk 600 G5 Mt Firmware" | < 02.04.01 Search vendor "Hp" for product "Prodesk 600 G5 Mt Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 600 G5 Mt Search vendor "Hp" for product "Prodesk 600 G5 Mt" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 600 G5 Pci Mt Firmware Search vendor "Hp" for product "Prodesk 600 G5 Pci Mt Firmware" | < 02.04.01 Search vendor "Hp" for product "Prodesk 600 G5 Pci Mt Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 600 G5 Pci Mt Search vendor "Hp" for product "Prodesk 600 G5 Pci Mt" | - | - |
Safe
|
| Hp Search vendor "Hp" | Prodesk 600 G5 Sff Firmware Search vendor "Hp" for product "Prodesk 600 G5 Sff Firmware" | < 02.04.01 Search vendor "Hp" for product "Prodesk 600 G5 Sff Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Prodesk 600 G5 Sff Search vendor "Hp" for product "Prodesk 600 G5 Sff" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 400 G5 Aio Firmware Search vendor "Hp" for product "Proone 400 G5 Aio Firmware" | < 02.04.01 Search vendor "Hp" for product "Proone 400 G5 Aio Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Proone 400 G5 Aio Search vendor "Hp" for product "Proone 400 G5 Aio" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 440 G5 Aio Firmware Search vendor "Hp" for product "Proone 440 G5 Aio Firmware" | < 02.04.01 Search vendor "Hp" for product "Proone 440 G5 Aio Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Proone 440 G5 Aio Search vendor "Hp" for product "Proone 440 G5 Aio" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 600 G5 Aio Firmware Search vendor "Hp" for product "Proone 600 G5 Aio Firmware" | < 02.04.01 Search vendor "Hp" for product "Proone 600 G5 Aio Firmware" and version " < 02.04.01" | - |
Affected
| in | Hp Search vendor "Hp" | Proone 600 G5 Aio Search vendor "Hp" for product "Proone 600 G5 Aio" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elite Dragonfly Firmware Search vendor "Hp" for product "Elite Dragonfly Firmware" | < 01.04.02 Search vendor "Hp" for product "Elite Dragonfly Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elite Dragonfly Search vendor "Hp" for product "Elite Dragonfly" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elite X2 G4 Firmware Search vendor "Hp" for product "Elite X2 G4 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elite X2 G4 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elite X2 G4 Search vendor "Hp" for product "Elite X2 G4" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook 830 G6 Firmware Search vendor "Hp" for product "Elitebook 830 G6 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook 830 G6 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook 830 G6 Search vendor "Hp" for product "Elitebook 830 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook 836 G6 Firmware Search vendor "Hp" for product "Elitebook 836 G6 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook 836 G6 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook 836 G6 Search vendor "Hp" for product "Elitebook 836 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook 840 G6 Firmware Search vendor "Hp" for product "Elitebook 840 G6 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook 840 G6 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook 840 G6 Search vendor "Hp" for product "Elitebook 840 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook 840 G6 Healthcare Edition Firmware Search vendor "Hp" for product "Elitebook 840 G6 Healthcare Edition Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook 840 G6 Healthcare Edition Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook 840 G6 Healthcare Edition Search vendor "Hp" for product "Elitebook 840 G6 Healthcare Edition" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook 846 G6 Firmware Search vendor "Hp" for product "Elitebook 846 G6 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook 846 G6 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook 846 G6 Search vendor "Hp" for product "Elitebook 846 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook 846 G6 Healthcare Edition Firmware Search vendor "Hp" for product "Elitebook 846 G6 Healthcare Edition Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook 846 G6 Healthcare Edition Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook 846 G6 Healthcare Edition Search vendor "Hp" for product "Elitebook 846 G6 Healthcare Edition" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook 850 G6 Firmware Search vendor "Hp" for product "Elitebook 850 G6 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook 850 G6 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook 850 G6 Search vendor "Hp" for product "Elitebook 850 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook X360 1030 G4 Firmware Search vendor "Hp" for product "Elitebook X360 1030 G4 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook X360 1030 G4 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook X360 1030 G4 Search vendor "Hp" for product "Elitebook X360 1030 G4" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook X360 1040 G6 Firmware Search vendor "Hp" for product "Elitebook X360 1040 G6 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook X360 1040 G6 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook X360 1040 G6 Search vendor "Hp" for product "Elitebook X360 1040 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | Elitebook X360 830 G6 Firmware Search vendor "Hp" for product "Elitebook X360 830 G6 Firmware" | < 01.04.02 Search vendor "Hp" for product "Elitebook X360 830 G6 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Elitebook X360 830 G6 Search vendor "Hp" for product "Elitebook X360 830 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | Probook 640 G5 Firmware Search vendor "Hp" for product "Probook 640 G5 Firmware" | < 01.04.02 Search vendor "Hp" for product "Probook 640 G5 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Probook 640 G5 Search vendor "Hp" for product "Probook 640 G5" | - | - |
Safe
|
| Hp Search vendor "Hp" | Probook 650 G5 Firmware Search vendor "Hp" for product "Probook 650 G5 Firmware" | < 01.04.02 Search vendor "Hp" for product "Probook 650 G5 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Probook 650 G5 Search vendor "Hp" for product "Probook 650 G5" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zbook 14u G6 Mobile Workstation Firmware Search vendor "Hp" for product "Zbook 14u G6 Mobile Workstation Firmware" | < 01.04.02 Search vendor "Hp" for product "Zbook 14u G6 Mobile Workstation Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Zbook 14u G6 Mobile Workstation Search vendor "Hp" for product "Zbook 14u G6 Mobile Workstation" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zbook 15u G6 Mobile Workstation Firmware Search vendor "Hp" for product "Zbook 15u G6 Mobile Workstation Firmware" | < 01.04.02 Search vendor "Hp" for product "Zbook 15u G6 Mobile Workstation Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Zbook 15u G6 Mobile Workstation Search vendor "Hp" for product "Zbook 15u G6 Mobile Workstation" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zhan X 13 G2 Firmware Search vendor "Hp" for product "Zhan X 13 G2 Firmware" | < 01.04.02 Search vendor "Hp" for product "Zhan X 13 G2 Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Zhan X 13 G2 Search vendor "Hp" for product "Zhan X 13 G2" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zbook 17u G6 Mobile Workstation Firmware Search vendor "Hp" for product "Zbook 17u G6 Mobile Workstation Firmware" | < 01.04.02 Search vendor "Hp" for product "Zbook 17u G6 Mobile Workstation Firmware" and version " < 01.04.02" | - |
Affected
| in | Hp Search vendor "Hp" | Zbook 17u G6 Mobile Workstation Search vendor "Hp" for product "Zbook 17u G6 Mobile Workstation" | - | - |
Safe
|