CVE-2022-48220

MEDIUM

HP Elite and EliteDesk G8/G9 Firmware - Intrusion Detection Bypass via Physical TamperLock Attack

Title source: llm

Description

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907

Scores

CVSS v3 6.4

EPSS 0.0015

EPSS Percentile 34.8%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-203

Status published

Products (27)

hp/elite_mini_600_g9_firmware < 02.12.02

hp/elite_mini_800_g9_firmware < 02.12.02

hp/elite_sff_600_g9_firmware < 02.12.02

hp/elite_sff_800_g9_firmware < 02.12.02

hp/elite_tower_600_g9_firmware < 02.12.02

hp/elite_tower_680_g9_firmware < 02.12.02

hp/elite_tower_800_g9_firmware < 02.12.02

hp/elite_tower_880_g9_firmware < 02.12.02

hp/elitedesk_800_g8_desktop_mini_firmware < 02.14.00

hp/elitedesk_800_g8_small_form_factor_firmware < 02.14.00

... and 17 more

Published Feb 14, 2024

Tracked Since Feb 18, 2026