CVE-2022-48220

EPSS 0.03%
Veröffentlicht 14.02.2024 23:15:08
Zuletzt bearbeitet 27.03.2025 15:15:40
Quelle hp-security-alert@hp.com
Teams Watchlist Login
Unerledigt Login

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)

Herstellerhp

≫

Produkt elite_tower_880_g9_desktop_pc

Default Statusunknown

Version < 02.12.02_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt elitedesk_880_g8_tower_pc

Default Statusunknown

Version < 02.14.00_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt eliteone_800_g8_27_all-in-one_pc

Default Statusunknown

Version < 02.14.00_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt pro_mini_400_g9_desktop_pc

Default Statusunknown

Version < 02.12.02_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt pro_sff_400_g9_desktop_pc

Default Statusunknown

Version < 02.12.02_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt pro_tower_480_g9_desktop_pc

Default Statusunknown

Version < 02.12.02_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt z1_g9_tower_desktop_pc

Default Statusunknown

Version < 02.12.02_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt z2_small_form_factor_g9_workstation

Default Statusunknown

Version < 01.06.05_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt z2_mini_g9_workstation

Default Statusunknown

Version < 2.02.02_rev1

Version 0

Status affected

Herstellerhp

≫

Produkt z2_tower_g9_workstation

Default Statusunknown

Version < 2.02.02_rev1

Version 0

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.067

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.4	0.9	5.5	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907

https://nvd.nist.gov/vuln/detail/CVE-2022-48220

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-48220

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-48220

EUVD