hp-support-head-portlet

Actions
Loading...
HP Customer Support - Knowledge Base

hp-contact-secondary-navigation-portlet

Actions
Loading...

hp-share-print-widget-portlet

Actions
Loading...

hp-concentra-wrapper-portlet

Actions
Loading...

SUPPORT COMMUNICATION- SECURITY BULLETIN

Document ID: c06330088

Version: 2

HPSBHF03616 rev. 2 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates

Notice:: The information in this security bulletin should be acted upon as soon as possible.

Release date : 20-May-2019

Last updated : 20-May-2019

Potential Security Impact:
Escalation of Privilege, Denial of Service, Information Disclosure
Source: HP, HP Product Security Response Team (PSRT)
Reported By: Intel

VULNERABILITY SUMMARY
Multiple potential security vulnerabilities have been identified with Intel® CSME, Trusted Execution Engine and Intel® Active Management Technology which may allow users to potentially escalate privileges, disclose information or cause a denial of service.
Reference Number
CVE-2019-0086, CVE-2019-0089, CVE-2019-0090, CVE-2019-0091, CVE-2019-0092, CVE-2019-0093, CVE-2019-0094, CVE-2019-0096, CVE-2019-0097, CVE-2019-0098, CVE-2019-0099, CVE-2019-0153, CVE-2019-0170, INTEL SA-00213 (in English), PSR-2019-0107
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
See RESOLUTION section for impacted products.
BACKGROUND
For a PGP signed version of this security bulletin please write to: hp-security-alert@hp.com
CVSS 3.0 Base Metrics
Reference
Base Vector
Base Score
CVE-2019-0089
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H
8.1
CVE-2019-0090
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.1
CVE-2019-0086
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8
CVE-2019-0091
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
6.6
CVE-2019-0092
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8
CVE-2019-0093
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
2.3
CVE-2019-0094
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3
CVE-2019-0096
CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
6.7
CVE-2019-0097
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9
CVE-2019-0098
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
5.7
CVE-2019-0099
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
5.7
CVE-2019-0153
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.0
CVE-2019-0170
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2
RESOLUTION
HP has identified the affected platforms and target dates for Softpaqs. See the affected platforms listed below.
note:
This bulletin will be updated. Check back frequently for updates to this section and other sections.
Pending: Softpaq is in progress.
Under investigation: System under investigation for impact, or Softpaq under investigation for feasibility/availability.
Not available: Softpaq not available due to technical or logistical constraints.

Business PCs and Retail Point-of-Sale systems

Product Name
Updated Version
SoftPaq #
SoftPaq Link
HP 260 G2 DM
11.8.65.3590
SP95654
HP 260 G3 DM
11.8.65.3590
SP95652
HP 280 G2 Microtower Business PC
11.8.65.3590
SP95654
HP 280 G2 Small Form Factor PC
11.8.65.3590
SP95654
HP 280 G3 MT
11.8.65.3590
SP95652
HP 280 G3 PCI MT
11.8.65.3590
SP95652
HP 280 G3 PCI MT (India)
11.8.65.3590
SP95652
HP 280 Pro G3 MT
11.8.65.3590
SP95652
HP 282 Pro G3 MT
11.8.65.3590
SP95652
HP 288 Pro G3 MT
11.8.65.3590
SP95652
HP 290 G1 MT
11.8.65.3590
SP95652
HP 290 G1 PCI MT
11.8.65.3590
SP95652
HP 340 G3 Notebook PC
11.8.65.3590
Pending
Pending
HP 340 G4 Notebook PC
11.8.65.3590
SP95683
HP 346 G3 Notebook PC
11.8.65.3590
Pending
Pending
HP 346 G4 Notebook PC
11.8.65.3590
SP95683
HP 348 G3 Notebook PC
11.8.65.3590
Pending
Pending
HP 348 G4 Notebook PC
11.8.65.3590
SP95683
HP 406 Microtower Business PC
11.8.65.3590
SP95653
HP Elite Slice
11.8.65.3590
SP95651
HP Elite x2 1012 G1 Tablet
11.8.65.3590
SP95682
HP Elite x2 1012 G2 Tablet
11.8.65.3590
SP95679
HP Elite x2 1013 G3 Tablet
11.8.65.3590
SP95799
HP EliteBook 1030 G1 Notebook PC
11.8.65.3590
SP95682
HP EliteBook 1040 G4 Notebook PC H
11.8.65.3590
SP95679
HP EliteBook 1040 G4 Notebook PC U
11.8.65.3590
SP95679
HP EliteBook 1050 G1 Notebook PC
12.0.35.1427
SP95879
HP EliteBook 820 G3 Notebook PC
11.8.65.3590
SP95682
HP EliteBook 828 G3 Notebook PC
11.8.65.3590
SP95682
HP EliteBook 830 G5 Notebook PC
11.8.65.3590
SP95880
HP EliteBook 836 G5 Notebook PC
11.8.65.3590
SP95880
HP EliteBook 840 G3 Notebook PC
11.8.65.3590
SP95682
HP EliteBook 840 G4 Notebook PC
11.8.65.3590
SP95679
HP EliteBook 840 G5 Healthcare Edition Notebook PC
11.8.65.3590
SP95880
HP EliteBook 840 G5 Notebook PC
11.8.65.3590
SP95880
HP EliteBook 840r G4 Notebook PC
11.8.65.3590
SP95881
HP EliteBook 846 G5 Notebook PC
11.8.65.3590
SP95880
HP EliteBook 846r G4 Notebook PC
11.8.65.3590
SP95881
HP EliteBook 848 G3 Notebook PC
11.8.65.3590
SP95682
HP EliteBook 848 G4 Notebook PC
11.8.65.3590
SP95679
HP EliteBook 850 G3 Notebook PC
11.8.65.3590
SP95682
HP EliteBook 850 G4 Notebook PC
11.8.65.3590
SP95679
HP EliteBook 850 G5 Notebook PC
11.8.65.3590
SP95880
HP EliteBook Folio 1040 G3 Notebook PC
11.8.65.3590
SP95682
HP EliteBook Folio G1 Notebook PC
11.8.65.3590
SP95682
HP EliteBook x360 1020 G2 Notebook PC
11.8.65.3590
SP95679
HP EliteBook x360 1030 G2 Notebook PC
11.8.65.3590
SP95679
HP EliteBook x360 1030 G3 Notebook PC
11.8.65.3590
SP95876
HP EliteBook x360 1040 G5 Notebook PC
11.8.65.3590
SP95832
HP EliteDesk 800 G2 DM
11.8.65.3590
SP95653
HP EliteDesk 800 G2 SFF
11.8.65.3590
SP95653
HP EliteDesk 800 G2 TWR
11.8.65.3590
SP95653
HP EliteDesk 800 G3 DM
11.8.65.3590
SP95651
HP EliteDesk 800 G3 SFF
11.8.65.3590
SP95651
HP EliteDesk 800 G3 TWR
11.8.65.3590
SP95651
HP EliteDesk 800 G4 DM
12.0.35.1427
SP95763
HP EliteDesk 800 G4 SFF
12.0.35.1427
SP96002
HP EliteDesk 800 G4 TWR
12.0.35.1427
SP96002
HP EliteDesk 880 G3 TWR
11.8.65.3590
SP95651
HP EliteDesk 880 G4 TWR
12.0.35.1427
SP96002
HP EliteOne 1000 G1 AiO PC
11.8.65.3590
SP95651
HP EliteOne 1000 G2 AIO
12.0.35.1427
SP95729
HP EliteOne 800 G2 AiO PC
11.8.65.3590
SP95653
HP EliteOne 800 G3 AiO PC
11.8.65.3590
SP95651
HP EliteOne 800 G3 GPU AiO PC
11.8.65.3590
SP95651
HP EliteOne 800 G4 AIO
12.0.35.1427
SP95761
HP Engage Flex Pro Retail System
12.0.35.1427
SP95790
HP Engage Flex Pro-C Retail System
12.0.35.1427
SP95790
HP Engage Go Mobile System
11.8.65.3590
SP95801
HP Engage One AIO System
11.8.65.3590
SP95651
HP MP9 G2 Retail System
11.8.65.3590
SP95653
HP MP9 G4 Retail System
12.0.35.1427
SP95762
HP mt20 Mobile Thin Client
11.8.65.3590
SP95683
HP mt21 Mobile Thin Client
11.8.65.3590
SP95683
HP mt31 Mobile Thin Client
11.8.65.3590
SP96038
HP Pro Tablet 608 G1
Pending
Pending
Pending
HP Pro x2 612 G2
11.8.65.3590
SP95679
HP ProBook 11 G2 Education Edition
11.8.65.3590
SP95680
HP ProBook 430 G3 Notebook PC
11.8.65.3590
SP95680
HP ProBook 430 G4 Notebook PC
11.8.65.3590
SP95680
HP ProBook 430 G5 Notebook PC
11.8.65.3590
SP95894
HP ProBook 430 G6
12.0.35.1427
SP96102
HP ProBook 440 G3 Notebook PC
11.8.65.3590
SP95680
HP ProBook 440 G4 Notebook PC
11.8.65.3590
SP95680
HP ProBook 440 G5 Notebook PC
11.8.65.3590
SP95894
HP ProBook 440 G6
12.0.35.1427
SP96102
HP ProBook 450 G3 Notebook PC
11.8.65.3590
SP95680
HP ProBook 450 G4 Notebook PC
11.8.65.3590
SP95680
HP ProBook 450 G5 Notebook PC
11.8.65.3590
SP95894
HP ProBook 450 G6
12.0.35.1427
SP96102
HP ProBook 470 G3 Notebook PC
11.8.65.3590
SP95680
HP ProBook 470 G4 Notebook PC
11.8.65.3590
SP95680
HP ProBook 470 G5 Notebook PC
11.8.65.3590
SP95894
HP ProBook 640 G2 Notebook PC
11.8.65.3590
SP95682
HP ProBook 640 G3 Notebook PC
11.8.65.3590
SP95679
HP ProBook 640 G4 Notebook PC
11.8.65.3590
SP95900
HP ProBook 650 G2 Notebook PC
11.8.65.3590
SP95682
HP ProBook 650 G3 Notebook PC
11.8.65.3590
SP95679
HP ProBook 650 G4 Notebook PC
11.8.65.3590
SP95900
HP ProBook 650 G4 Notebook PC - Q77 BIOS
11.8.65.3590
SP95900
HP ProBook x360 11 G1 Education Edition
3.1.65.2317
SP96217
HP ProBook x360 11 G2 Education Edition
11.8.65.3590
SP95683
HP ProBook x360 11 G3 Education Edition
4.0.15.1303
SP96192
HP ProBook x360 11 G4 Education Edition
11.8.65.3590
SP95875
HP ProBook x360 440 G1 Notebook PC
11.8.65.3590
SP95896
HP ProDesk 400 G2 DM
11.8.65.3590
SP95654
HP ProDesk 400 G3 DM
11.8.65.3590
SP95652
HP ProDesk 400 G3 SFF
11.8.65.3590
SP95654
HP ProDesk 400 G4 DM
12.0.35.1427
SP95764
HP ProDesk 400 G4 MT
11.8.65.3590
SP95652
HP ProDesk 400 G4 SFF
11.8.65.3590
SP95652
HP ProDesk 400 G5 MT
12.0.35.1427
SP95843
HP ProDesk 400 G5 SFF
12.0.35.1427
SP95846
HP ProDesk 480 G3 SFF
11.8.65.3590
SP95654
HP ProDesk 480 G4 MT
11.8.65.3590
SP95652
HP ProDesk 480 G4 MT
11.8.65.3590
SP95652
HP ProDesk 480 G5 MT
12.0.35.1427
SP95843
HP ProDesk 480 G5 SFF
12.0.35.1427
SP95846
HP ProDesk 490 G3 SFF
11.8.65.3590
SP95654
HP ProDesk 498 G3 SFF
11.8.65.3590
SP95654
HP ProDesk 600 G2 DM
11.8.65.3590
SP95653
HP ProDesk 600 G2 SFF
11.8.65.3590
SP95653
HP ProDesk 600 G3 DM
11.8.65.3590
SP95651
HP ProDesk 600 G3 MT
11.8.65.3590
SP95651
HP ProDesk 600 G3 SFF
11.8.65.3590
SP95651
HP ProDesk 600 G4 DM
12.0.35.1427
SP95762
HP ProDesk 600 G4 MT
12.0.35.1427
SP96003
HP ProDesk 600 G4 SFF
12.0.35.1427
SP95845
HP ProDesk 680 G3 MT
11.8.65.3590
SP95651
HP ProDesk 680 G4 MT
12.0.35.1427
SP96003
HP ProOne 400 G2 AiO PC
11.8.65.3590
SP95654
HP ProOne 400 G3 AiO PC
11.8.65.3590
SP95652
HP ProOne 600 G2 AiO PC
11.8.65.3590
SP95653
HP ProOne 600 G3 AiO PC
11.8.65.3590
SP95651
HP ProOne 600 G4 AiO
12.0.35.1427
SP95767
HP ProOne 600 PC
11.8.65.3590
SP95651
HP RP9 G1 Retail System Model 9015 & 9018
11.8.65.3590
SP95651
HP RP9 G1 Retail System Model 9115 & 9118
11.8.65.3590
SP95651
HP ZBook 14u G4 Mobile Workstation
11.8.65.3590
SP95679
HP ZBook 14u G5 Mobile Workstation
11.8.65.3590
SP95880
HP ZBook 15 G3 Mobile Workstation
11.8.65.3590
SP95682
HP ZBook 15 G4 Mobile Workstation
11.8.65.3590
SP95679
HP ZBook 15 G5 Mobile Workstation
12.0.35.1427
SP95877
HP ZBook 15u G3 Mobile Workstation
11.8.65.3590
SP95682
HP ZBook 15u G4 Mobile Workstation
11.8.65.3590
SP95679
HP ZBook 15u G5 Mobile Workstation
11.8.65.3590
SP95880
HP ZBook 17 G3 Mobile Workstation
11.8.65.3590
SP95682
HP ZBook 17 G4 Mobile Workstation
11.8.65.3590
SP95679
HP ZBook 17 G5 Mobile Workstation
12.0.35.1427
SP95877
HP ZBook Studio G3 Mobile Workstation
11.8.65.3590
SP95682
HP ZBook Studio G4 Mobile Workstation
11.8.65.3590
SP95679
HP ZBook Studio G5 Mobile Workstation
12.0.35.1427
SP95878
HP ZBook x2 G4 Detachable Workstation
11.8.65.3590
SP95679
HP Zhan 66 Pro 13 G2
12.0.35.1427
SP96103
HP Zhan 66 Pro 14 G2
12.0.35.1427
SP96103
HP Zhan 66 Pro 15 G2
12.0.35.1427
SP96103
HP Zhan 66 Pro G1
11.8.65.3590
SP95895
HP Zhan 86 Pro G1 MT
11.8.65.3590
SP95652

Immersive PCs

Platform list pending.

Desktop Workstation PCs

Product Name
Updated Version
SoftPaq #
SoftPaq Link
HP Z1 G3 Workstation Linux
11.8.65.3590
SP95785
Pending
HP Z1 G3 Workstation Win 10
11.8.65.3590
SP95786
HP Z1 G3 Workstation Win 7
11.8.65.3590
SP95786
HP Z2 Mini G3 Workstation Linux
11.8.65.3590
SP95785
Pending
HP Z2 Mini G3 Workstation Win 10
11.8.65.3590
SP95786
HP Z2 Mini G3 Workstation Win 7
11.8.65.3590
SP95786
HP Z238 Microtower Workstation Linux
11.8.65.3590
SP95785
Pending
HP Z238 Microtower Workstation Win 10
11.8.65.3590
SP95786
HP Z238 Microtower Workstation Win 7
11.8.65.3590
SP95786
HP Z240 SFF Workstation Linux
11.8.65.3590
SP95785
Pending
HP Z240 SFF Workstation Win 10
11.8.65.3590
SP95786
HP Z240 SFF Workstation Win 7
11.8.65.3590
SP95786
HP Z240 Tower Workstation Linux
11.8.65.3590
SP95785
Pending
HP Z240 Tower Workstation Win 10
11.8.65.3590
SP95786
HP Z240 Tower Workstation Win 7
11.8.65.3590
SP95786
HP Z4 G4 Core-X Workstation Linux
11.11.65.1590
SP95783
Pending
HP Z4 G4 Core-X Workstation Win 10
11.11.65.1590
SP95784
HP Z4 G4 Core-X Workstation Win 7
11.11.65.1590
SP95784
HP Z4 G4 Workstation (Xeon W) Linux
11.11.65.1590
SP95783
Pending
HP Z4 G4 Workstation (Xeon W) Win 10
11.11.65.1590
SP95784
HP Z4 G4 Workstation (Xeon W) Win 7
11.11.65.1590
SP95784
HP Z6 G4 Workstation Linux
11.22.65.1590
SP95781
Pending
HP Z6 G4 Workstation Win 10
11.22.65.1590
SP95782
HP Z6 G4 Workstation Win 7
11.22.65.1590
SP95782
HP Z8 G4 Workstation Linux
11.22.65.1590
SP95781
Pending
HP Z8 G4 Workstation Win 10
11.22.65.1590
SP95782
HP Z8 G4 Workstation Win 7
11.22.65.1590
SP95782
HP ZVR Backpack Workstation G1 Win 10
11.8.65.3590
PENDING
Pending
HP ZVR Backpack Workstation G1 Win 7
11.8.65.3590
PENDING
Pending
Z2 Mini G4 Workstation Linux
12.00.35.1427
SP95750
Pending
Z2 Mini G4 Workstation Win 10
12.00.35.1427
SP95751
Pending
Z2 Mini G4 Workstation Win 7
12.00.35.1427
SP95751
Pending
Z2 SFF G4 Workstation Linux
12.00.35.1427
SP95750
Pending
Z2 SFF G4 Workstation WIN 10
12.00.35.1427
SP95751
Pending
Z2 SFF G4 Workstation WIN 7
12.00.35.1427
SP95751
Pending
Z2 TWR G4 Workstation Linux
12.00.35.1427
SP95750
Pending
Z2 TWR G4 Workstation Win 10
12.00.35.1427
SP95751
Pending
Z2 TWR G4 Workstation Win 7
12.00.35.1427
SP95751
Pending

Consumer PCs

Platform list pending.
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, visit http://www.hp.com/go/contacthp to learn about your HP support options.
Report: To report a potential security vulnerability with any HP supported product, send email to: hp-security-alert@hp.com.
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via email, visit https://www.hp.com/go/alerts.
Security Bulletin Archive: To view released Security Bulletins, search the HP Support Site for "security bulletin".
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
PI
HP Printing and Imaging
HF
HP Hardware and Firmware
GN
HP General Software
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
Subject: get key
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin.HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action.HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin.To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
REVISION HISTORY : Version: 1 - 14 May 2019 Initial release. Version: 2 - 20 May 2019 Updated Business PC & RPOS platform list, added link to SA-00213, added CVEs.

HP Inc. shall not be liable for technical or editorial errors or omissions contained herein.The information provided is provided "as is" without warranty of any kind.To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restorationThe information in this document is subject to change without notice.HP Inc. and the names of HP products referenced herein are trademarks of HP Inc. in the United States and other countries.Other product and company names mentioned herein may be trademarks of their respective owners.

hp-feedback-input-portlet

Actions
Loading...

hp-feedback-banner-portlet

Actions
Loading...

hp-country-locator-portlet

Actions
Loading...
Country/Region: Flag United States

hp-detect-load-my-device-portlet

Actions
Loading...