What is CVE-2019-16284?

CVE-2019-16284 is a high-severity vulnerability in Hp 260_g1_dm. CVSS score: 7.2/10. Published 2019-11-05.

How severe is CVE-2019-16284?

High severity. CVSS v3 base score is 7.2 out of 10.

Vulnerability in Hp 260_g1_dm

CVE-2019-16284

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure…

EPSS: 0.020 (77.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Hp 260_g1_dm
Hp 260_g1_dm_firmware
Hp 280_pro_g1
Hp 280_pro_g1_firmware
Hp 285_g2
Hp 285_g2_firmware
Hp 340_g3
Hp 340_g3_firmware
Hp 340_g4
Hp 340_g4_firmware

References

hp-security-alert@hp.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2019-16284?: CVE-2019-16284 is a high-severity vulnerability in Hp 260_g1_dm. CVSS score: 7.2/10. Published 2019-11-05.
How severe is CVE-2019-16284?: High severity. CVSS v3 base score is 7.2 out of 10.