CVE-2019-6321

HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.

Published: May 29, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-6321
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-667

Affected Software
References

Software	From	Fixed in
hp / z4_g4_workstation_firmware	-	1.70
hp / z4_g4_core-x_workstation_firmware	-	1.70
hp / z6_g4_workstation_firmware	-	1.71
hp / z8_g4_workstation_firmware	-	1.71

https://support.hp.com/us-en/document/c06318199

Vulnerability Database

CVE-2019-6321