CVE-2022-48220 (GCVE-0-2022-48220)
Vulnerability from cvelistv5 – Published: 2024-02-14 22:21 – Updated: 2025-03-27 14:33
VLAI?
Summary
Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.
Severity ?
6.4 (Medium)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | Certain HP Desktop PC products |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:hp:elite_mini_600_g9_desktop_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:elite_mini_800_g9_desktop_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:elite_sff_600_g9_desktop_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:elite_sff_800_g9_desktop_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:elite_tower_880_g9_desktop_pc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "elite_tower_880_g9_desktop_pc",
"vendor": "hp",
"versions": [
{
"lessThan": "02.12.02_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:elitedesk_800_g8_desktop_mini_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:elitedesk_800_g8_small_form_factor_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:elitedesk_800_g8_tower_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:elitedesk_880_g8_tower_pc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "elitedesk_880_g8_tower_pc",
"vendor": "hp",
"versions": [
{
"lessThan": "02.14.00_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:eliteone_800_g8_24_all-in-one_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:eliteone_800_g8_27_all-in-one_pc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "eliteone_800_g8_27_all-in-one_pc",
"vendor": "hp",
"versions": [
{
"lessThan": "02.14.00_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:pro_mini_400_g9_desktop_pc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pro_mini_400_g9_desktop_pc",
"vendor": "hp",
"versions": [
{
"lessThan": "02.12.02_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:pro_sff_400_g9_desktop_pc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pro_sff_400_g9_desktop_pc",
"vendor": "hp",
"versions": [
{
"lessThan": "02.12.02_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:pro_tower_400_g9_desktop_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:pro_tower_480_g9_desktop_pc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pro_tower_480_g9_desktop_pc",
"vendor": "hp",
"versions": [
{
"lessThan": "02.12.02_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:z1_g8_tower_desktop_pc:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:z1_g9_tower_desktop_pc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "z1_g9_tower_desktop_pc",
"vendor": "hp",
"versions": [
{
"lessThan": "02.12.02_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:z2_small_form_factor_g8_workstation:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:z2_small_form_factor_g9_workstation:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "z2_small_form_factor_g9_workstation",
"vendor": "hp",
"versions": [
{
"lessThan": "01.06.05_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:z2_mini_g9_workstation:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "z2_mini_g9_workstation",
"vendor": "hp",
"versions": [
{
"lessThan": "2.02.02_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hp:z2_tower_g8_workstation:-:*:*:*:*:*:*:*",
"cpe:2.3:h:hp:z2_tower_g9_workstation:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "z2_tower_g9_workstation",
"vendor": "hp",
"versions": [
{
"lessThan": "2.02.02_rev1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T18:56:45.802429Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T14:33:44.929Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:58.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Certain HP Desktop PC products",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities."
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T22:21:08.979Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-48220",
"datePublished": "2024-02-14T22:21:08.979Z",
"dateReserved": "2023-01-05T17:56:08.359Z",
"dateUpdated": "2025-03-27T14:33:44.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.\"}, {\"lang\": \"es\", \"value\": \"Se han identificado vulnerabilidades potenciales en ciertos productos de PC de escritorio HP que utilizan la funci\\u00f3n HP TamperLock, que podr\\u00eda permitir eludir la detecci\\u00f3n de intrusiones mediante un ataque f\\u00edsico. HP est\\u00e1 lanzando firmware y orientaci\\u00f3n para mitigar estas posibles vulnerabilidades.\"}]",
"id": "CVE-2022-48220",
"lastModified": "2024-11-21T07:32:59.083",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 5.5}]}",
"published": "2024-02-14T23:15:08.033",
"references": "[{\"url\": \"https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907\", \"source\": \"hp-security-alert@hp.com\"}, {\"url\": \"https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Awaiting Analysis"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-48220\",\"sourceIdentifier\":\"hp-security-alert@hp.com\",\"published\":\"2024-02-14T23:15:08.033\",\"lastModified\":\"2026-01-09T22:02:53.730\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.\"},{\"lang\":\"es\",\"value\":\"Se han identificado vulnerabilidades potenciales en ciertos productos de PC de escritorio HP que utilizan la funci\u00f3n HP TamperLock, que podr\u00eda permitir eludir la detecci\u00f3n de intrusiones mediante un ataque f\u00edsico. HP est\u00e1 lanzando firmware y orientaci\u00f3n para mitigar estas posibles vulnerabilidades.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":0.9,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_mini_600_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"FF61755B-EC4D-4D13-870D-ACB16855F066\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_mini_600_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A786577-CFE2-45FE-8145-D96C8DE6A951\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_mini_800_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"5BC9704D-F210-4A4C-AF05-DB5B396AA14C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_mini_800_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BB3F65B-0793-4E3F-AA4A-0FC9FE142133\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_sff_600_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"AC818120-C621-4788-A554-E6BE3F1D50BB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_sff_600_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"810D39EE-98E2-4191-B1F2-E92D8E03D97F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_sff_800_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"548CE29D-3F95-42FA-8EFF-05B12F2E0B1C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_sff_800_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17E812CF-E354-40F0-B10E-1CCDBFAB8CAB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_tower_600_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"18F26625-483B-4331-B802-2CFD46FE87A3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_tower_600_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70CC5F72-3BC9-4FA2-B7A6-36CD392C0F8A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_tower_680_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"0D61CB85-E92A-46C4-BA33-1CCC93844773\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_tower_680_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0F4B5FB-0C8F-4A10-A7D7-229E09B686E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_tower_800_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"78420715-F841-4FAE-85DA-24EC9C746121\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_tower_800_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DDDBEA3-9E1A-45DC-9CD0-44B0E74CB735\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elite_tower_880_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"08B38079-64D1-458F-9631-EDC56AECD589\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elite_tower_880_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40BD17E5-F0A4-4DAE-96FD-2E57CF96562C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elitedesk_800_g8_desktop_mini_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"D2D9A0DD-E47C-45B7-B016-4F119A2AF8E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elitedesk_800_g8_desktop_mini:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02AAD33B-E2BF-4960-B3E9-CC330A51053B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elitedesk_800_g8_small_form_factor_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"4C0A75BB-76C9-4717-A2D3-557CFAC0D0CB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elitedesk_800_g8_small_form_factor:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55CF15F-006A-40AF-9EE3-EC96C33E8110\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elitedesk_800_g8_tower_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"F6D59058-9F8A-4668-B62F-3418B2A55DC7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elitedesk_800_g8_tower:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5467AC73-9734-43C4-853A-0264042EAF21\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:elitedesk_880_g8_tower_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"98EE7C13-E1C4-4D39-A2E4-2B4B2A6C3967\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:elitedesk_880_g8_tower:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FCC7ABC-AFA2-429C-AA3B-ACBB9E33A08E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:eliteone_800_g8_24_all-in-one_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"D1CDB301-919F-4405-BEC3-2D488056FEC9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:eliteone_800_g8_24_all-in-one:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC832981-5A67-4939-B92C-A889E2D8C42F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:eliteone_800_g8_27_all-in-one_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"959360F1-E3BF-437B-AD2E-64BEB07AB7B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:eliteone_800_g8_27_all-in-one:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AC7AAE0-87EF-40A4-A7DD-F362537C3B5C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:mini_conferencing_pc_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"04384F51-2887-49F1-B8CB-4CBE2236F2ED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:mini_conferencing_pc_with_zoom_rooms:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C11DAF2-3B4C-4342-8C5F-A693B5A5DB84\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:pro_mini_260_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"66C9D878-2FF9-4E6D-B252-5FA3BBD40F40\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:pro_mini_260_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8687698F-4256-41BF-82EA-0B13033D2966\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:pro_mini_400_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"3DC83487-6E02-42C4-B039-582B7647AC81\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:pro_mini_400_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F33FD50E-CF52-4423-9C62-512E228B659E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:pro_sff_400_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"E4A10514-5BB3-4965-AC62-0B60AA476336\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:pro_sff_400_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D30639B5-8CDA-4923-89F4-BC14C59532E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:pro_tower_400_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"3D24CED7-F26C-42DC-8BD6-3A72C8770BDB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:pro_tower_400_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C655883-292C-458B-A679-F063C06CCA67\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:pro_tower_480_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"37739984-0EEE-44E3-A909-60500DD306EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:pro_tower_480_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFEBA395-4A52-42F9-92EC-11D871E131AD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:z1_g8_tower_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.14.00\",\"matchCriteriaId\":\"1BD1E6EF-DFDC-4E3B-ADA2-0A93770EF16B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:z1_g8_tower:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"875FD00D-4C03-4C29-90FB-5FF32B54BEA8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:z1_g9_tower_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.12.02\",\"matchCriteriaId\":\"45AD12AD-C7CE-4A83-9C3E-454E8481E121\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:z1_g9_tower:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D8247A-B608-46F1-9485-F23E425F75AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:z2_mini_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.02.02\",\"matchCriteriaId\":\"DF2AA60B-D154-4A22-AC66-FC51B81B34F3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:z2_mini_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48BEE9B5-99D5-4FF7-ACFA-662F4353DBAC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:z2_small_form_factor_g8_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"01.06.05\",\"matchCriteriaId\":\"89194595-86CF-4A01-85D6-483558005BC0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:z2_small_form_factor_g8:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D3E8CE5-62F0-47ED-A8AC-47E7AC1920FB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:z2_small_form_factor_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.02.02\",\"matchCriteriaId\":\"6AA9E522-DAF6-45E7-99BB-3914A4464336\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:z2_small_form_factor_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C5AC861-53BD-4D29-9455-86220C9E1CFA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:z2_tower_g8_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"01.06.05\",\"matchCriteriaId\":\"C36A0529-BB88-40E1-A187-834E9D9273D9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:z2_tower_g8:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEB82416-14CC-40F5-B1C0-1157A3EE7CFF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:z2_tower_g9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.02.02\",\"matchCriteriaId\":\"8073150F-8F0E-4DDE-B758-02C5F3041102\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:z2_tower_g9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DE8FC7F-23FC-487C-89AE-30A5FCFAA528\"}]}]}],\"references\":[{\"url\":\"https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907\",\"source\":\"hp-security-alert@hp.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"descriptions\": [{\"lang\": \"en\", \"value\": \"Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.\"}], \"affected\": [{\"vendor\": \"HP Inc.\", \"product\": \"Certain HP Desktop PC products\", \"defaultStatus\": \"unknown\", \"versions\": [{\"version\": \"See HP Security Bulletin reference for affected versions.\", \"status\": \"affected\"}]}], \"references\": [{\"url\": \"https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907\"}], \"providerMetadata\": {\"orgId\": \"74586083-13ce-40fd-b46a-8e5d23cfbcb2\", \"shortName\": \"hp\", \"dateUpdated\": \"2024-02-14T22:21:08.979Z\"}, \"x_generator\": {\"engine\": \"cveClient/1.0.15\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T15:10:58.745Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-48220\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-29T18:56:45.802429Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:h:hp:elite_mini_600_g9_desktop_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:elite_mini_800_g9_desktop_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:elite_sff_600_g9_desktop_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:elite_sff_800_g9_desktop_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:elite_tower_880_g9_desktop_pc:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"elite_tower_880_g9_desktop_pc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02.12.02_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:elitedesk_800_g8_desktop_mini_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:elitedesk_800_g8_small_form_factor_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:elitedesk_800_g8_tower_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:elitedesk_880_g8_tower_pc:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"elitedesk_880_g8_tower_pc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02.14.00_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:eliteone_800_g8_24_all-in-one_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:eliteone_800_g8_27_all-in-one_pc:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"eliteone_800_g8_27_all-in-one_pc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02.14.00_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:pro_mini_400_g9_desktop_pc:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"pro_mini_400_g9_desktop_pc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02.12.02_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:pro_sff_400_g9_desktop_pc:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"pro_sff_400_g9_desktop_pc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02.12.02_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:pro_tower_400_g9_desktop_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:pro_tower_480_g9_desktop_pc:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"pro_tower_480_g9_desktop_pc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02.12.02_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:z1_g8_tower_desktop_pc:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:z1_g9_tower_desktop_pc:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"z1_g9_tower_desktop_pc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02.12.02_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:z2_small_form_factor_g8_workstation:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:z2_small_form_factor_g9_workstation:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"z2_small_form_factor_g9_workstation\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"01.06.05_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:z2_mini_g9_workstation:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"z2_mini_g9_workstation\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.02.02_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:hp:z2_tower_g8_workstation:-:*:*:*:*:*:*:*\", \"cpe:2.3:h:hp:z2_tower_g9_workstation:-:*:*:*:*:*:*:*\"], \"vendor\": \"hp\", \"product\": \"z2_tower_g9_workstation\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.02.02_rev1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-203\", \"description\": \"CWE-203 Observable Discrepancy\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:10.938Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2022-48220\", \"assignerOrgId\": \"74586083-13ce-40fd-b46a-8e5d23cfbcb2\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"hp\", \"dateReserved\": \"2023-01-05T17:56:08.359Z\", \"datePublished\": \"2024-02-14T22:21:08.979Z\", \"dateUpdated\": \"2025-03-27T14:33:44.929Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…