CVE-2019-18913 : Security Advisory and Response
Learn about CVE-2019-18913, a security weakness in HP Intel-based Business PCs supporting Microsoft Windows 10 Kernel DMA protection, allowing unauthorized UEFI code execution. Find mitigation steps and affected versions.
A security weakness related to pre-boot DMA in HP Intel-based Business PCs supporting Microsoft Windows 10 Kernel DMA protection could lead to unauthorized UEFI code execution through open-case attacks.
Understanding CVE-2019-18913
What is CVE-2019-18913?
This CVE identifies a vulnerability in HP PCs that could allow attackers to execute unauthorized UEFI code by exploiting pre-boot DMA.
The Impact of CVE-2019-18913
The vulnerability poses a risk of arbitrary code execution, denial of service, and information disclosure on affected systems.
Technical Details of CVE-2019-18913
Vulnerability Description
The issue requires physical access to internal expansion slots and specialized tools to modify UEFI code, affecting HP Intel-based Business PCs supporting Microsoft Windows 10 Kernel DMA protection.
Affected Systems and Versions
- Affected systems: HP Intel-based Business PCs supporting Microsoft Windows 10 Kernel DMA protection
- Affected versions: Depends on platform, including versions prior to 01.04.02, 02.04.01, or 02.04.02
Exploitation Mechanism
Attackers need physical access to internal expansion slots and specialized hardware and software tools to alter UEFI code stored in memory.
Mitigation and Prevention
Immediate Steps to Take
- Implement physical security measures to prevent unauthorized access to internal components
- Regularly monitor and restrict physical access to systems
Long-Term Security Practices
- Educate users on the risks of physical attacks and the importance of securing hardware
- Implement BIOS/UEFI password protection and encryption
Patching and Updates
- Apply firmware updates provided by HP to address the vulnerability