CVE-2020-15596
MEDIUMHP Elite X2 1012 G1 Firmware - Uncontrolled Search Path
Title source: ruleDescription
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
Scores
CVSS v3
6.7
EPSS
0.0011
EPSS Percentile
29.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-427
Status
published
Affected Products (14)
hp/elite_x2_1012_g1_firmware
< 8.2206.1717.166
hp/elite_x2_1012_g2_firmware
< 8.2206.1717.634
hp/elitebook_1030_g1_firmware
< 8.2206.1717.166
hp/elitebook_1040_g4_firmware
< 8.2206.1717.634
hp/elitebook_folio_1040_g3_firmware
< 8.2206.1717.166
hp/elitebook_folio_g1_firmware
< 8.2206.1717.166
hp/elitebook_revolve_810_g2_firmware
< 10.1201.1717.108
hp/elitebook_revolve_810_g3_firmware
< 10.1201.1717.108
hp/elitebook_x360_1020_g2_firmware
< 8.2206.1717.634
hp/elitebook_x360_1030_g2_firmware
< 8.2206.1717.634
hp/pro_x2_612_g2_firmware
< 8.2206.1717.634
hp/zbook_studio_g3_firmware
< 8.2206.1717.166
hp/zbook_studio_g4_firmware
< 8.2206.1717.634
hp/zbook_x2_g4_firmware
< 8.2206.1717.634
Timeline
Published
Aug 12, 2020
Tracked Since
Feb 18, 2026