CVE-2020-15596 - OpenCVE

The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Hp	Elitebook 1030 G1 Elitebook X360 1030 G2 Zbook X2 G4 Firmware Elite X2 1012 G2 Elitebook 1030 G1 Firmware Zbook Studio G3 Elitebook Folio 1040 G3 Elitebook Revolve 810 G2 Firmware Elitebook Revolve 810 G3 Firmware Elitebook Folio G1 Firmware Elitebook 1040 G4 Elitebook Revolve 810 G3 Pro X2 612 G2 Elite X2 1012 G2 Firmware Elitebook X360 1020 G2 Firmware Zbook Studio G3 Firmware Pro X2 612 G2 Firmware Elite X2 1012 G1 Firmware Zbook Studio G4 Firmware Zbook Studio G4 Elitebook X360 1020 G2 Elitebook Folio 1040 G3 Firmware Elitebook Folio G1 Elitebook 1040 G4 Firmware Elitebook X360 1030 G2 Firmware Elitebook Revolve 810 G2 Zbook X2 G4 Elite X2 1012 G1

Configuration 1 [-]

AND

cpe:2.3:o:hp:elite_x2_1012_g1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elite_x2_1012_g1:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hp:elite_x2_1012_g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elite_x2_1012_g2:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hp:elitebook_1030_g1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_1030_g1:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hp:elitebook_1040_g4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_1040_g4:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hp:elitebook_folio_1040_g3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_folio_1040_g3:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:hp:elitebook_folio_g1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_folio_g1:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:hp:elitebook_revolve_810_g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_revolve_810_g2:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:hp:elitebook_revolve_810_g3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_revolve_810_g3:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:hp:elitebook_x360_1020_g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_x360_1020_g2:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hp:elitebook_x360_1030_g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:elitebook_x360_1030_g2:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:hp:pro_x2_612_g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:pro_x2_612_g2:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:hp:zbook_studio_g3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:zbook_studio_g3:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:hp:zbook_studio_g4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:zbook_studio_g4:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:hp:zbook_x2_g4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:zbook_x2_g4:-:*:*:*:*:*:*:*

References

Link	Resource
https://seclists.org/fulldisclosure/2020/Jul/30	Mailing List Third Party Advisory
https://support.hp.com/document/c06706305	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-08-12T21:35:44

Updated: 2020-08-12T21:35:44

Reserved: 2020-07-07T00:00:00

Link: CVE-2020-15596

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-08-12T22:15:12.453

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-15596

JSON object: View

Redhat Information

No data.

CWE

CWE-427