PT-2020-10014 · Hewlett Packard+1 · Hp Intel-Based Business Pcs+1

Published

2020-01-31

Updated

2020-08-24

CVE-2019-18913

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP Intel-based Business PCs versions prior to 01.04.02 HP Intel-based Business PCs versions prior to 02.04.01 HP Intel-based Business PCs versions prior to 02.04.02

Description A potential security issue with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. It affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection.

Recommendations For versions prior to 01.04.02, update to version 01.04.02 or later to resolve the issue. For versions prior to 02.04.01, update to version 02.04.01 or later to resolve the issue. For versions prior to 02.04.02, update to version 02.04.02 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-18913

Affected Products

Hp Intel-Based Business Pcs

Windows 10

PT-2020-10014 · Hewlett Packard+1 · Hp Intel-Based Business Pcs+1

CVE-2019-18913

Related Identifiers

Affected Products

References · 4