CVE-2022-48219

MEDIUM

HP Desktop PC - Privilege Escalation

Title source: llm

Description

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.

References (1)

[Vendor Advisory] https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907

Scores

CVSS v3 6.4

EPSS 0.0015

EPSS Percentile 35.0%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Classification

CWE

CWE-693

Status published

Affected Products (27)

hp/elite_mini_600_g9_firmware < 02.12.02

hp/elite_mini_800_g9_firmware < 02.12.02

hp/elite_sff_600_g9_firmware < 02.12.02

hp/elite_sff_800_g9_firmware < 02.12.02

hp/elite_tower_600_g9_firmware < 02.12.02

hp/elite_tower_680_g9_firmware < 02.12.02

hp/elite_tower_800_g9_firmware < 02.12.02

hp/elite_tower_880_g9_firmware < 02.12.02

hp/pro_mini_260_g9_firmware < 02.14.00

hp/pro_mini_400_g9_firmware < 02.12.02

hp/pro_sff_400_g9_firmware < 02.12.02

hp/pro_tower_400_g9_firmware < 02.12.02

hp/pro_tower_480_g9_firmware < 02.12.02

hp/z1_g8_tower_firmware < 02.14.00

hp/z1_g9_tower_firmware < 02.12.02

... and 12 more

Timeline

Published Feb 14, 2024

Tracked Since Feb 18, 2026