HP Device Manager Vulnerability Update (5.0.16)

Potential vulnerabilities have been identified in HP Device Manager versions prior to HPDM 5.0.16. HP is releasing mitigation for the potential vulnerabilities as part of the 5.0.16 release. All of the identified vulnerabilities listed above were addressed and fixed as part of HP Device Manager...

HP Hotkey Support – Escalation of Privilege

A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability. HP has identified affected platforms and...

Intel 2025.2 IPU - Processors May 2025 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Processors, which might allow denial of service or information disclosure. Intel is releasing microcode updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...

Intel 2025.1 IPU – Chipset Firmware Security Update

Intel has informed HP of potential security vulnerabilities in Intel® Converged Security and Manageability Engine CSME, Intel® Active Management Technology AMT, and Intel® Standard Manageability firmware, which might allow information disclosure, denial of service, or escalation of privilege. Int...

HP One Agent Software – Potential Privilege Escalation

A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. Mitigation is available in HP Application Enabling Software Driver versi...

PC BIOS Security Updates - Intel Processor Stream Cache

Intel has informed HP of potential security vulnerabilities in some Intel® Processor stream cache mechanisms, which might allow escalation of privilege. Intel is releasing microcode updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...

Certain HP ENVY, OfficeJet, DeskJet printers - Potential denial of service

Certain HP ENVY, OfficeJet, and DeskJet printers may be vulnerable to a Denial of Service attack. Update the printer firmware...

AWS Connection Session Provisioner’s SHA256 hash is not fully verified by PCoIP Zero Clients

HP has provided updated versions of Tera2 Zero Client firmware that remediate vulnerabilities found in firmware version 22.04 and earlier. Products can be updated or replaced with the latest release by downloading from the Teradici website and following standard installation or update instruction...

HPSBPI03622 rev. 1 - HP Access Control - Potential Security Vulnerability

Potential Security Impact Elevation of privilege Source: HP VULNERABILITY SUMMARY A potential security vulnerability has been identified in the software solution HP Access Control. This vulnerability could potentially grant elevation of privilege. RESOLUTION HP has provided the software updates f...

HPSBPI02779 SSRT100855 rev.2 - HP Web Jetadmin v8.x Running on Windows, Remote Cross Site Scripting (XSS)

Potential Security Impact Remote cross site scripting XSS VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Web Jetadmin v8.x. These vulnerabilities could be exploited remotely resulting in cross site scripting XSS. RESOLUTION HP has provided HP Web Jetadmin...

HPSBPI02265 SSRT3515 rev.2 - Re-release of HPSBMI00004 HP Jetdirect Running ftp, Advisory

Potential Security Impact Advisory VULNERABILITY SUMMARY Some security scanners generate warnings that the Jetdirect ftp directory is writable. RESOLUTION To restrict printing or suppress the security scanners warning, the ftp service can be disabled. To disable ftp, telnet to the Jetdirect devic...

HPSBPI02078 SSRT5979 rev.3 - HP Jetdirect 635n IPv6/IPsec Print Server (J7961A), Remote Denial of Service (DoS)

Potential Security Impact Remote Denial of Service DoS VULNERABILITY SUMMARY Potential vulnerabilities have been identified with the HP Jetdirect 635n IPv6/IPsec Print Server J7961A . These vulnerabilities may be exploited remotely by an unauthorized user to create a Denial of Service DoS...

Intel Graphics Software August 2025 Security Update

Intel has informed HP of potential security vulnerabilities for some Intel® Graphics software, which might allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...

Intel Graphics Driver and Software May 2025 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Graphics Driver software, which might allow escalation of privilege, denial of service, or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates...

HP ThinPro 8.1 SP6 Security Updates

Previous versions of HP ThinPro prior to HP ThinPro 8.1 SP6 could potentially contain security vulnerabilities. HP has released HP ThinPro 8.1 SP6, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as part of...

Clariti Manager - Outdated JavaScript Libraries In-Use

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used. The recommendation is to update an impacted device to firmware build 10.12.0.2100 or later. Customers can...

Certain HP OfficeJet Pro Printers - Potential Denial of Service

Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when using an improper eSCL URL GET request. Update your printer firmware...

Certain HP DesignJet Print Products – Potential Information Disclosure

Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway GGW over port 9220. Update your printer firmware...

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Information Disclosure

Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's certificate store...

Certain HP ENVY, LaserJet, OfficeJet, PageWide Pro print products - Potential Buffer Overflow, Elevation of Privilege

Certain HP ENVY, LaserJet, OfficeJet, and PageWide Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. Update the printer firmware...

Synaptics Fingerprint SGX-enabled Driver June 2022 Security Update

Synaptics has informed HP of a potential security vulnerability identified in Synaptics® Fingerprint drivers that use SGX which may allow denial of service and information disclosure. Synaptics has released mitigation for this potential vulnerability. Synaptics has released updates to mitigate th...

Intel® PROSet/Wireless WiFi and Killer™ Driver February 2021 Security Update

Intel has informed HP of a potential security vulnerability identified in some Intel® PROSet/Wireless WiFi and Killer™ drivers for Windows 10 which may allow information disclosure or denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Intel has releas...

HPSBPI01007 SSRT4700 rev.3 - HP Web Jetadmin, Remote Unauthorized Access to Files, Denial of Service (DoS)

Potential Security Impact Remote unauthorized access to files, Denial of Service DoS VULNERABILITY SUMMARY A potential vulnerability has been identified with HP Web Jetadmin. The vulnerability could be exploited to allow remote unauthorized access to files or to create a Denial of Service DoS...

Nuvoton ECHD Key Security Update

Nuvoton has informed HP of a potential security vulnerability identified in Nuvoton TPM NPCT7xx models used in certain HP PC products, which might allow information disclosure. Nuvoton has released firmware mitigation for the potential vulnerability. HP has identified affected platforms and...

Intel UEFI Reference Firmware March 2026 Security Update

Intel has informed HP of a potential security vulnerability in UEFI for some Intel Reference Platforms, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP h...

Intel NPU Driver February 2026 Security Update

Intel has informed HP of potential security vulnerabilities for some Intel® NPU Drivers Neural Processing Unit, which might allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate t...

Qualcomm Wireless WLAN and Bluetooth Security Updates

Potential security vulnerabilities have been identified in the Qualcomm Wireless LAN devices used in certain HP PC products, which might allow denial of service. Qualcomm has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaq...

Samsung Universal Print Driver for Windows–Potential Escalation of Privilege

The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. Update your printer software...

Intel Arc & Iris Xe Graphics Software August 2024 Security Update

Intel has informed HP of a potential security vulnerability in the Intel® Arc™ & Iris® Xe Graphics software, which might allow denial of service. Intel is releasing updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

Intel HID Event Filter Installer August 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Human Interface Device HID Event Filter software installers, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate t...

UC Software - Improper Input Validation

A potential vulnerability was discovered in certain Poly devices. A malformed packet sent to the device can result in a Denial-of-Service attack. HP has identified affected products and corresponding firmware minimum versions that mitigate the potential vulnerabilities. See the affected products...

HP LIFE Android Mobile – Potential Escalation of Privilege, Information Disclosure

HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure. Update your application...

Intel Unite® Client Software May 2023 Security Update

Intel has informed HP of potential security vulnerability in the Intel® Unite® Client software for Windows, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerability. Intel has released updates to mitigate the potential vulnerability...

HPSBHF03694 rev. 1 - AMD® Radeon™ Graphics Driver D3DKMTEscape Handler Denial of Service

Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: AMD VULNERABILITY SUMMARY AMD has informed HP of a potential security vulnerability identified in the AMD® Radeon™ Graphics Drivers for Windows which may allow denial of service. For detail...

HPSBHF03604 rev. 2 - Intel Xeon® Platform Firmware Included Unsecure Handling of Certain UEFI Variables

Potential Security Impact Escalation of Privilege, Denial of Service. Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Insecure handling of UEFI variables in Intel® Xeon® Scalable processors, Intel® Xeon® Processor E5 v4 Family, Intel® Xeon® Processor E5...

HPSBHF3549 rev.2 - ThinkPwn UEFI BIOS SmmRuntime Escalation of Privilege

Potential Security Impact System downtime, or privilege escalation. Source:HP, HP Product Security Response Team PSRT Reported by: Dmytro Oleksiuk VULNERABILITY SUMMARY A security vulnerability identified with UEFI firmware, dubbed ThinkPwn, has been addressed in certain HP commercial notebook PC...

Poly Clariti Manager – May 2026 Security Update

Multiple potential security vulnerabilities have been identified on Poly Clariti Manager, on-premises management platform. These vulnerabilities are related to Berkeley Internet Name Domain BIND, which is an open-source protocol. HP has released updates to mitigate the potential vulnerabilities. ...

Intel UEFI Reference Firmware March 2026 Security Update

Intel has informed HP of potential security vulnerabilities in UEFI for some Intel® reference platforms, which might allow escalation of privilege or information disclosure. Intel is releasing UEFI firmware updates to mitigate these potential vulnerabilities. Intel has released updates to mitigat...

Intel NPU Driver November 2025 Security Update

Intel has informed HP of potential security vulnerabilities for some Intel® NPU Drivers Neural Processing Unit, which might allow denial of service or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate th...

HP Universal Scan - Potential Information Disclosure

HP Universal Scan is vulnerable to potential information disclosure due to code vulnerability within the product's solution open-source library libssh2. Update your printer software...

NVIDIA GPU Display Driver January 2025 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow information disclosure, denial of service, and data tampering. NVIDIA has released updates to mitigate these vulnerabilities. NVIDIA has released updates to...

Certain HP LaserJet Printers – Potential Denial of Service

The HP LaserJet MFP M139 - M142 Printer series and the HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent to port 631. Update your printer firmware...

Intel UPLR2 Xeon Processor BIOS Security Updates

Intel has informed HP of potential security vulnerabilities in firmware for some Intel® Xeon® Processors, which might allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released...

NVIDIA GPU Display Driver October 2024 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow code execution, denial of service, escalation of privileges, information disclosure, and data tampering. NVIDIA has released updates to mitigate these...

Clariti Manager - Multiple Stored XSS

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation. The recommendation is to update an impacted device to firmware build 10.12.0.2100 or later. Customers can receive the...

Certain HP ENVY, LaserJet, OfficeJet, PageWide Pro Print Products - Potential Buffer Overflow, Remote Code Execution

Certain HP ENVY, LaserJet Pro, OfficeJet Pro, and PageWide Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. Update the printer firmware...

Certain HP Print Products, Digital Sending Products - Potential remote code execution and buffer overflow

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR. Update your printer firmware...

Intel UEFI Reference Firmware May 2026 Security Update

Intel has informed HP of a potential security vulnerability in UEFI for some Intel Reference Platforms which might allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

Intel Connectivity Performance Suite May 2026 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Connectivity Performance Suite software installers, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the...

HP Security Manager – Potential Remote Code Execution

HP Security Manager is potentially vulnerable to Remote Code Execution due to the use of Microsoft OLE Database library version 18.4 for Microsoft’s SQL Server Express and Microsoft’s SQL Server. HP has provided a software update for potentially affected products...