Elite X2 1012 G1 Firmware
CVE-2020-15596
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
AnalysisAI
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-427. The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file. Affected products include: Hp Elite X2 1012 G1 Firmware, Hp Elite X2 1012 G2 Firmware, Hp Elitebook 1030 G1 Firmware, Hp Elitebook 1040 G4 Firmware, Hp Elitebook Folio 1040 G3 Firmware. Version information: before 8.2206.1717.634.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Elite X2 1012 G1 Firmware
View allA potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation o
A potential security vulnerability has been identified in multiple HP products and versions which involves possible exec
Same weakness CWE-427 – Uncontrolled Search Path Element
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today