CVE-2022-48220

EPSS 0.15%
Veröffentlicht 14.02.2024 23:15:08
Zuletzt bearbeitet 09.01.2026 22:02:53
Quelle hp-security-alert@hp.com
CVE-Watchlists
Login
Unerledigt
Login

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 27 VulnDex Vulnerability Enrichment 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hp ≫ Elite Mini 600 G9 Firmware Version < 02.12.02

Hp ≫ Elite Mini 600 G9 Version-

Hp ≫ Elite Mini 800 G9 Firmware Version < 02.12.02

Hp ≫ Elite Mini 800 G9 Version-

Hp ≫ Elite Sff 600 G9 Firmware Version < 02.12.02

Hp ≫ Elite Sff 600 G9 Version-

Hp ≫ Elite Sff 800 G9 Firmware Version < 02.12.02

Hp ≫ Elite Sff 800 G9 Version-

Hp ≫ Elite Tower 600 G9 Firmware Version < 02.12.02

Hp ≫ Elite Tower 600 G9 Version-

Hp ≫ Elite Tower 680 G9 Firmware Version < 02.12.02

Hp ≫ Elite Tower 680 G9 Version-

Hp ≫ Elite Tower 800 G9 Firmware Version < 02.12.02

Hp ≫ Elite Tower 800 G9 Version-

Hp ≫ Elite Tower 880 G9 Firmware Version < 02.12.02

Hp ≫ Elite Tower 880 G9 Version-

Hp ≫ Elitedesk 800 G8 Desktop Mini Firmware Version < 02.14.00

Hp ≫ Elitedesk 800 G8 Desktop Mini Version-

Hp ≫ Elitedesk 800 G8 Small Form Factor Firmware Version < 02.14.00

Hp ≫ Elitedesk 800 G8 Small Form Factor Version-

Hp ≫ Elitedesk 800 G8 Tower Firmware Version < 02.14.00

Hp ≫ Elitedesk 800 G8 Tower Version-

Hp ≫ Elitedesk 880 G8 Tower Firmware Version < 02.14.00

Hp ≫ Elitedesk 880 G8 Tower Version-

Hp ≫ Eliteone 800 G8 24 All-in-one Firmware Version < 02.14.00

Hp ≫ Eliteone 800 G8 24 All-in-one Version-

Hp ≫ Eliteone 800 G8 27 All-in-one Firmware Version < 02.14.00

Hp ≫ Eliteone 800 G8 27 All-in-one Version-

Hp ≫ Mini Conferencing Pc Firmware Version < 02.12.02

Hp ≫ Mini Conferencing Pc With Zoom Rooms Version-

Hp ≫ Pro Mini 260 G9 Firmware Version < 02.14.00

Hp ≫ Pro Mini 260 G9 Version-

Hp ≫ Pro Mini 400 G9 Firmware Version < 02.12.02

Hp ≫ Pro Mini 400 G9 Version-

Hp ≫ Pro Sff 400 G9 Firmware Version < 02.12.02

Hp ≫ Pro Sff 400 G9 Version-

Hp ≫ Pro Tower 400 G9 Firmware Version < 02.12.02

Hp ≫ Pro Tower 400 G9 Version-

Hp ≫ Pro Tower 480 G9 Firmware Version < 02.12.02

Hp ≫ Pro Tower 480 G9 Version-

Hp ≫ Z1 G8 Tower Firmware Version < 02.14.00

Hp ≫ Z1 G8 Tower Version-

Hp ≫ Z1 G9 Tower Firmware Version < 02.12.02

Hp ≫ Z1 G9 Tower Version-

Hp ≫ Z2 Mini G9 Firmware Version < 02.02.02

Hp ≫ Z2 Mini G9 Version-

Hp ≫ Z2 Small Form Factor G8 Firmware Version < 01.06.05

Hp ≫ Z2 Small Form Factor G8 Version-

Hp ≫ Z2 Small Form Factor G9 Firmware Version < 02.02.02

Hp ≫ Z2 Small Form Factor G9 Version-

Hp ≫ Z2 Tower G8 Firmware Version < 01.06.05

Hp ≫ Z2 Tower G8 Version-

Hp ≫ Z2 Tower G9 Firmware Version < 02.02.02

Hp ≫ Z2 Tower G9 Version-

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.356

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.4	0.9	5.5	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-48220

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-48220

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-48220

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-48220