A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (before 01.04.02; or before 02.04.01; or before 02.04.02).
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
hp elitedesk_800_g5_dm_firmware |
||
hp elitedesk_800_g5_sff_firmware |
||
hp elitedesk_800_g5_twr_firmware |
||
hp eliteone_800_g5_aio_firmware |
||
hp prodesk_400_g5_dm_firmware |
||
hp prodesk_400_g6_mt_firmware |
||
hp prodesk_400_g6_sff_firmware |
||
hp prodesk_480_g6_mt_firmware |
||
hp prodesk_600_g5_dm_firmware |
||
hp prodesk_600_g5_mt_firmware |
||
hp prodesk_600_g5_pci_mt_firmware |
||
hp prodesk_600_g5_sff_firmware |
||
hp proone_400_g5_aio_firmware |
||
hp proone_440_g5_aio_firmware |
||
hp proone_600_g5_aio_firmware |
||
hp elite_dragonfly_firmware |
||
hp elite_x2_g4_firmware |
||
hp elitebook_830_g6_firmware |
||
hp elitebook_836_g6_firmware |
||
hp elitebook_840_g6_firmware |
||
hp elitebook_840_g6_healthcare_edition_firmware |
||
hp elitebook_846_g6_firmware |
||
hp elitebook_846_g6_healthcare_edition_firmware |
||
hp elitebook_850_g6_firmware |
||
hp elitebook_x360_1030_g4_firmware |
||
hp elitebook_x360_1040_g6_firmware |
||
hp elitebook_x360_830_g6_firmware |
||
hp probook_640_g5_firmware |
||
hp probook_650_g5_firmware |
||
hp zbook_14u_g6_mobile_workstation_firmware |
||
hp zbook_15u_g6_mobile_workstation_firmware |
||
hp zhan_x_13_g2_firmware |
||
hp zbook_17u_g6_mobile_workstation_firmware |
Vulmon