hp-support-head-portlet

Acties
Bezig met laden...
HP klantenondersteuning - kennisdatabase

hp-contact-secondary-navigation-portlet

Acties
Bezig met laden...

hp-share-print-widget-portlet

Acties
Bezig met laden...
  • Informatie

    Los het updateprobleem van Windows 10 op een HP computer of printer op. Klik hier

    Informatie
    Maak vandaag nog een HP-account aan!

    Maak sneller verbinding met HP-ondersteuning, beheer al uw apparaten op één plek, bekijk garantie-informatie en meer. Leer meer

hp-concentra-wrapper-portlet

Acties
Bezig met laden...

BIOS June 2021 Security Updates

Intel has informed HP of potential security vulnerabilities identified in (a) some Intel® Virtualization Technology for Directed I/O (VT-d) products which may allow escalation of privilege, (b) in the BIOS firmware for some Intel® Processors which may allow escalation of privilege or denial of service, and (c) in some Intel® Processors which may allow information disclosure. In addition, HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential vulnerabilities.

Severity

High

HP Reference

HPSBHF03735 Rev. 2

Release date

June 8, 2021

Last updated

July 7, 2021

Category

PC

Potential Security Impact

Escalation of Privilege, Denial of Service, Information Disclosure

Relevant Common Vulnerabilities and Exposures (CVE) List

Intel

List of CVE IDs

CVE ID

Base Score

Base Vector

Vendor ID

CVE-2020-24489

8.8

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

INTEL-SA-00442

CVE-2021-3439

7.8

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

HP

CVE-2020-12357

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

INTEL-SA-00463

CVE-2020-8670

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

INTEL-SA-00463

CVE-2020-8700

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

INTEL-SA-00463

CVE-2020-12359

7.1

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

INTEL-SA-00463

CVE-2020-12358

6.7

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H

INTEL-SA-00463

CVE-2021-0095

6.0

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

INTEL-SA-00463

CVE-2020-12360

5.6

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

INTEL-SA-00463

CVE-2020-24511

5.6

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

INTEL-SA-00464

CVE-2020-24513

5.6

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

INTEL-SA-00465

CVE-2020-24486

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

INTEL-SA-00463

CVE-2020-24512

2.8

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

INTEL-SA-00464

Learn more about CVSS 3.1 base metrics, which range from 0 to 10.

PSR: PSR-2021-0102, PSR-2021-0065

Resolution

Intel has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerabilities.

Newer versions may become available and the minimum versions listed below may become obsolete.  If a SoftPaq Link becomes invalid, check the HP Customer Support - Software and Driver Downloads site to obtain the latest update for your product model.

HP recommends keeping your system up to date with the latest firmware and software.

Note:

This bulletin might be updated when new information and/or SoftPaqs are available. Sign up for HP Subscriptions to be notified and receive:

  • Product support eAlerts

  • Driver updates

  • Security Bulletin updates

Softpaqs and affected products

Find the SoftPaqs that resolve the vulnerabilities of your system.

SoftPaq Status

A status is provided if no SoftPaq is listed for a particular product.

  • Pending: SoftPaq is in progress.

  • Under investigation: System under investigation for impact, or the SoftPaq is under investigation for feasibility/availability.

  • Not available: SoftPaq not available due to technical or logistical constraints.

  • Check Support Page: The listed SoftPaq has been removed from the download site. SoftPaqs with newer versions may be available on the HP Customer Support - Software and Driver Downloads site.