CVE-2020-15596

CWE-427CWE-200Information Exposure3 documents3 sources
Severity
6.7MEDIUM
EPSS
0.1%
top 70.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
HP Elite X2 1012 G1 FirmwareHP Elite X2 1012 G2 FirmwareHP Elitebook 1030 G1 Firmware+11 more
Timeline
PublishedAug 12
Latest updateMay 24

Description

The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages14 packages

NVDhp/zbook_x2_g4_firmware< 8.2206.1717.634
NVDhp/pro_x2_612_g2_firmware< 8.2206.1717.634
NVDhp/zbook_studio_g3_firmware< 8.2206.1717.166
NVDhp/zbook_studio_g4_firmware< 8.2206.1717.634
NVDhp/elite_x2_1012_g1_firmware< 8.2206.1717.166

🔴Vulnerability Details

2
GHSA
GHSA-xp9g-2jr8-5wm3: The ALPS ALPINE touchpad driver before 82022-05-24
CVEList
CVE-2020-15596: The ALPS ALPINE touchpad driver before 82020-08-12