CVE-2019-6322

HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.

Published: May 29, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-6322
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-667

Affected Software
References

Software	From	Fixed in
hp / z4_g4_workstation_firmware	-	1.70
hp / z4_g4_core-x_workstation_firmware	-	1.70
hp / z6_g4_workstation_firmware	-	1.71
hp / z8_g4_workstation_firmware	-	1.71

https://support.hp.com/us-en/document/c06318199

Vulnerability Database

290,020

CVE-2019-6322