The vulnerability stems from an issue with DLL loading in Open Source Hardware, used by tens of millions of computers, researchers say. The affected software monitors temperature sensors, fan speeds, voltages, load and clock speeds of a computer. It is a key third-party component of HP TouchPoint Analytics, a service that anonymously collects diagnostic information about hardware performance. The vulnerability (CVE-2019-6333) has a CVSS score of 6.7 out of 10.0, which translates to medium severity.
Source: https://threatpost.com/hp-touchpoint-analytics-opens-pcs-to-code-execution-attack/149069/