CVE-2022-48219

Name: CVE-2022-48219
Creator: NVD / NIST
Published: 2024-02-14T23:15:07.96+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.4/10EPSS 0.28%

Last modified Jun 17, 2026

CVE-2022-48219 is a medium-severity vulnerability rated 6.4/10 on the CVSS scale. Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.. EPSS estimates a 0.28% chance of exploitation in the next 30 days.

Description

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.

Metrics

CVSS 3.1

6.4/10

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

EPSS Probability

0.28%

19.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-693

Affected Software

Vendor	Product	Versions
Hp	Elite Mini 600 G9 Firmware	< 02.12.02
Hp	Elite Mini 800 G9 Firmware	< 02.12.02
Hp	Elite Sff 600 G9 Firmware	< 02.12.02
Hp	Elite Sff 800 G9 Firmware	< 02.12.02
Hp	Elite Tower 600 G9 Firmware	< 02.12.02
Hp	Elite Tower 680 G9 Firmware	< 02.12.02
Hp	Elite Tower 800 G9 Firmware	< 02.12.02
Hp	Elite Tower 880 G9 Firmware	< 02.12.02
Hp	Pro Mini 260 G9 Firmware	< 02.14.00
Hp	Pro Mini 400 G9 Firmware	< 02.12.02
Hp	Pro Sff 400 G9 Firmware	< 02.12.02
Hp	Pro Tower 400 G9 Firmware	< 02.12.02
Hp	Pro Tower 480 G9 Firmware	< 02.12.02
Hp	Z1 G8 Tower Firmware	< 02.14.00
Hp	Z1 G9 Tower Firmware	< 02.12.02
Hp	Elitedesk 800 G8 Desktop Mini Firmware	< 02.14.00
Hp	Elitedesk 800 G8 Small Form Factor Firmware	< 02.14.00
Hp	Elitedesk 800 G8 Tower Firmware	< 02.14.00
Hp	Elitedesk 880 G8 Tower Firmware	< 02.14.00
Hp	Eliteone 800 G8 24 All-In-One Firmware	< 02.14.00
Hp	Eliteone 800 G8 27 All-In-One Firmware	< 02.14.00
Hp	Mini Conferencing Pc Firmware	< 02.12.02
Hp	Z2 Mini G9 Firmware	< 02.02.02
Hp	Z2 Small Form Factor G8 Firmware	< 01.06.05
Hp	Z2 Small Form Factor G9 Firmware	< 02.02.02
Hp	Z2 Tower G8 Firmware	< 01.06.05
Hp	Z2 Tower G9 Firmware	< 02.02.02

References

https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907Vendor Advisory
https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907Vendor Advisory

Timeline

Published: Feb 14, 2024
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2022-48219?

How severe is CVE-2022-48219?

CVE-2022-48219 has a CVSS score of 6.4/10 (MEDIUM severity). The EPSS model estimates a 0.28% probability of exploitation in the next 30 days.

How do I fix CVE-2022-48219?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-48219?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST