If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.Referenceshttps://support.hp.com/us-en/document/c06509350http://seclists.org/fulldisclosure/2020/Mar/30http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html
