Lucene search
HP, HP Product Security Response Team (PSRT)HP:C06456250HistorySep 25, 2019 - 12:00 a.m.
HPSBHF03631 rev. 6 - BIOS Privilege Elevation Vulnerability
2019-09-2500:00:00
HP, HP Product Security Response Team (PSRT)
support.hp.com
30
EPSS
0.001
Percentile
43.1%
Potential Security Impact
Elevation of privilege
Source: HP, HP Product Security Response Team (PSRT)
Reported by: yngwei (@yngweijw) of IIE VARAS, MengHao, Li of IIE VARAS and driedfish (@d3af1sh) of IIE
VULNERABILITY SUMMARY
A potential security vulnerability has been identified which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code.
RESOLUTION
HP has identified the affected platforms and target dates for Softpaqs. See the affected platforms listed below.
On affected platforms, enabling Secure Boot mitigates this vulnerability.
Related
nvd
nvd
CVE-2019-16284
2019-11-05 21:15:13
cve
cve
CVE-2019-16284
2019-11-05 21:15:13
cvelist
cvelist
CVE-2019-16284
2019-11-05 20:16:57
prion
prion
Privilege escalation
2019-11-05 21:15:00