13 matches found
EUVD-2015-0957
Malware in sbrugna...
K04362926: BIOS SMM privilege escalation vulnerability CVE-2015-0949
Security Advisory Description The System Management Mode SMM implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local...
Deep Instinct Windows Agent 1.2.29.0 - (DeepMgmtService) Unquoted Service Path Vulnerability
Exploit Title: Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path Discovery by: Oscar Flores Vendor Homepage: https://www.deepinstinct.com/ Software Links :...
CVE-2015-0949
The System Management Mode SMM implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Bo...
Design/Logic Flaw
The System Management Mode SMM implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Bo...
CVE-2015-0949
The System Management Mode SMM implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Bo...
CVE-2015-0949
CVE-2015-0949 pertains to SMM (System Management Mode) call-outs that may run outside SMRAM in certain BIOS implementations (Dell Latitude E6430 A09, HP EliteBook 850 G1 L71 Ver. 01.09, and potentially others). Root cause: SMM code does not ensure function calls operate on SMRAM memory locations,...
CVE-2017-8360
Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data keystrokes to any process. In mictray64.exe mic tray icon 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: deb...
HPSBGN3551 rev. 2- HP Hotkey, Escalation of Privilege
Potential Security Impact Elevation of Privilege VULNERABILITY SUMMARY Hotkey Support service used an unquoted service path. An attacker who had physical access to the system may gain elevated privileges by inserting an executable file in the path of the affected service RESOLUTION Download and...
HPSBHF3549 rev.2 - ThinkPwn UEFI BIOS SmmRuntime Escalation of Privilege
Potential Security Impact System downtime, or privilege escalation. Source:HP, HP Product Security Response Team PSRT Reported by: Dmytro Oleksiuk VULNERABILITY SUMMARY A security vulnerability identified with UEFI firmware, dubbed ThinkPwn, has been addressed in certain HP commercial notebook PC...
HPSBHF03439 rev.2 - HP Commercial PCs with Sure Start, Local Denial of Service
Potential Security Impact Denial of Service DoS Source: HewlettPackard Company, HP Software Security Response Team VULNERABILITY SUMMARY HP has identified a potential security vulnerability with the Sure Start implementation on certain 2015 commercial platforms. This vulnerability could be...
HPSBHF03513 rev.2 - HP PCs and Workstations running Windows and Linux with NVIDIA Graphics Driver, Local Denial of Service (DoS), Elevation of Privilege
Potential Security Impact Denial of Service DoS, elevation of privilege VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP PCs and workstations with Windows and Linux running the NVIDIA Graphics Driver. The vulnerabilities could be locally exploited...
[security bulletin] HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04773272 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04773272 Version: 2 HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G...