![]() ![]() The issues themselves are rooted in a component called OMEN Command Center that comes pre-installed on HP OMEN-branded laptops and desktops and can also be downloaded from the Microsoft Store. The computer hardware company has since released a security update to its customers to address these vulnerabilities. ![]() Tracked as CVE-2021-3437 (CVSS score: 7.8), the vulnerabilities could allow threat actors to escalate privileges to kernel mode without requiring administrator permissions, allowing them to disable security products, overwrite system components, and even corrupt the operating system.Ĭybersecurity firm SentinelOne, which discovered and reported the shortcoming to HP on February 17, said it found no evidence of in-the-wild exploitation. Attackers can then use other techniques to encroach on the broader network (such as lateral movement) and, for example, inject malware.Cybersecurity researchers on Tuesday disclosed details about a high-severity flaw in the HP OMEN driver software that impacts millions of gaming computers worldwide, leaving them open to an array of attacks. One of the obvious abuses of such vulnerabilities is bypassing security software.Īn attacker with access to an organization's network can also run code on unpatched systems and exploit these vulnerabilities to escalate local privileges. This serious vulnerability, if exploited, could allow any user on the computer, even without privileges, to escalate their privileges and execute code in kernel mode. Ways to exploit the vulnerabilityĪn exploitable kernel driver vulnerability can give a non-privileged user SYSTEM privileges because the vulnerable driver is locally available to everyone. After the discovery of a vulnerability in printers (see also Serious vulnerability in printer drivers from HP, Xerox and Samsung), this is already the second serious vulnerability in HP devices that researchers have uncovered this year. ![]() ![]() Specifically, the two product versions affected are HP OMEN Gaming Hub (prior to version 11.6.3.0) and HP OMEN Gaming Hub SDK package (prior to version 1.0.44). When security researchers from SentinelLabs took a closer look, they came across a serious vulnerability that puts millions of HP OMEN-branded gaming devices at risk. These vulnerabilities can very easily allow malicious actors to execute code in kernel mode because the transition to kernel mode is via an MSR (Minimum Security Requirement). These vulnerabilities allow attackers to enter kernel mode without administrator privileges. A closer look at the driversĭuring previous investigations of other HP products, security researchers found that the software of HP OMEN devices uses a pre-installed driver that contains vulnerabilities. Vulnerabilities then have serious consequences. The problem, however, is that these packages often use kernel drivers to access the hardware. The software can be used to control and optimize settings like device GPU, fan speeds, CPU overclocking, memory and more. The OMEN Gaming Hub is a software product that comes pre-installed on all HP OMEN desktops and laptops and can be downloaded from the Microsoft Store to any Windows 10 computer that uses OMEN branded accessories. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |