Vulnerability Description
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Z4 G4 Workstation Firmware | < 1.70 |
| Hp | Z4 G4 Workstation | - |
| Hp | Z4 G4 Core-X Workstation Firmware | < 1.70 |
| Hp | Z4 G4 Core-X Workstation | - |
| Hp | Z6 G4 Workstation Firmware | < 1.71 |
| Hp | Z6 G4 Workstation | - |
| Hp | Z8 G4 Workstation Firmware | < 1.71 |
| Hp | Z8 G4 Workstation | - |
Related Weaknesses (CWE)
References
- https://support.hp.com/us-en/document/c06318199PatchVendor Advisory
- https://support.hp.com/us-en/document/c06318199PatchVendor Advisory
FAQ
What is CVE-2019-6321?
CVE-2019-6321 is a vulnerability with a CVSS score of 7.2 (HIGH). HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates ...
How severe is CVE-2019-6321?
CVE-2019-6321 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6321?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Z4 G4 Workstation Firmware, Hp Z4 G4 Workstation, Hp Z4 G4 Core-X Workstation Firmware, Hp Z4 G4 Core-X Workstation, Hp Z6 G4 Workstation Firmware.