CVE-2022-48220 — MEDIUM (6.4)

Q: How severe is CVE-2022-48220?

CVE-2022-48220 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-48220?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Elite Mini 600 G9 Firmware, Hp Elite Mini 600 G9, Hp Elite Mini 800 G9 Firmware, Hp Elite Mini 800 G9, Hp Elite Sff 600 G9 Firmware.

Vulnerability Description

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.

CVSS Score

6.4

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

LOW

Affected Products

Vendor	Product	Versions
Hp	Elite Mini 600 G9 Firmware	< 02.12.02
Hp	Elite Mini 600 G9	-
Hp	Elite Mini 800 G9 Firmware	< 02.12.02
Hp	Elite Mini 800 G9	-
Hp	Elite Sff 600 G9 Firmware	< 02.12.02
Hp	Elite Sff 600 G9	-
Hp	Elite Sff 800 G9 Firmware	< 02.12.02
Hp	Elite Sff 800 G9	-
Hp	Elite Tower 600 G9 Firmware	< 02.12.02
Hp	Elite Tower 600 G9	-
Hp	Elite Tower 680 G9 Firmware	< 02.12.02
Hp	Elite Tower 680 G9	-
Hp	Elite Tower 800 G9 Firmware	< 02.12.02
Hp	Elite Tower 800 G9	-
Hp	Elite Tower 880 G9 Firmware	< 02.12.02
Hp	Elite Tower 880 G9	-
Hp	Elitedesk 800 G8 Desktop Mini Firmware	< 02.14.00
Hp	Elitedesk 800 G8 Desktop Mini	-
Hp	Elitedesk 800 G8 Small Form Factor Firmware	< 02.14.00
Hp	Elitedesk 800 G8 Small Form Factor	-

Related Weaknesses (CWE)

CWE-203

References

https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907Vendor Advisory
https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907Vendor Advisory

FAQ

What is CVE-2022-48220?

CVE-2022-48220 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing fi...

How severe is CVE-2022-48220?

CVE-2022-48220 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-48220?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Elite Mini 600 G9 Firmware, Hp Elite Mini 600 G9, Hp Elite Mini 800 G9 Firmware, Hp Elite Mini 800 G9, Hp Elite Sff 600 G9 Firmware.