610 matches found
Certain HP LaserJet products and Samsung product print driver software - Escalation of privilege
A potential buffer overflow in the software drivers for certain products could lead to an escalation of privilege. Update your printer software...
HPSBHF03669 rev. 2 - Intel® 2020.1 IPU BIOS Security Updates
Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified by Intel of a potential security vulnerabilities in BIOS firmware for Intel® processors that may allow escalation ...
HPSBHF03639 rev. 4 - Intel WIFI Drivers and Intel PROSet/Wireless WiFi Software Security Advisory
Potential Security Impact Escalation of privilege, denial of service, or information disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Multiple potential security vulnerabilities have been identified with Intel WIFI Drivers and Intel...
Intel BIOS Guard and PPAM Firmware May 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® BIOS Guard and Platform Properties Assessment Module PPAM firmware, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates to...
HP PC BIOS - May 2022 Security Updates
Potential security vulnerabilities have been identified in the BIOS UEFI Firmware for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs...
HPSBHF03716 rev. 3 - Intel® Ethernet I210 Controller February 2021 Security Update
Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in the Intel® Ethernet I210 Controller series of network adapters which may allow denial o...
HP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities
Potential Security Impact KRACK Attacks VULNERABILITY SUMMARY On October 16, security researchers publicly announced vulnerabilities in the WiFi WPA2 standard. See the References section below for links to additional resources describing the KRACK Attacks WPA2 potential vulnerabilities in detail...
HPSBPI03720 rev. 1 - Software Vulnerability with Certain HP OfficeJet and PageWide Solutions
Potential Security Impact Local Code Execution Source: HP, HP Product Security Response Team PSRT VULNERABILITY SUMMARY HP has identified a security vulnerability with the I.R.I.S. OCR Optical Character Recognition software available with HP PageWide and OfficeJet printer software installations...
HPSBHF03712 rev. 3 - Sound Research DCHU Software Escalation of Privilege
Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: HP VULNERABILITY SUMMARY A potential security vulnerability has been identified in the Sound Research DCHU software modules which can allow escalation of privilege. RESOLUTION Sound...
Intel® PROSet/Wireless WiFi and Killer™ WiFi November 2021 Security Updates
Intel has informed HP of potential security vulnerabilities identified in some Intel® PROSet/Wireless WiFi and Killer™ WiFi which may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware and software updates to mitigate these potential...
HPSBPI03723 rev. 1 - Certain HP LaserJet, HP LaserJet Pro, HP PageWide, HP PageWide Pro, HP inkjet, HP OfficeJet software and certain applications - Arbitrary code execution
Potential Security Impact Arbitrary code execution Source: HP, HP Product Security Response Team PSRT Reported by: Honc, Arno Tsai, Subodh Kumar VULNERABILITY SUMMARY During installation with certain driver software or application packages an arbitrary code execution could occur. RESOLUTION HP ha...
Apache Text4Shell and others update for Teradici Cloud Access Connector
HP has provided updated versions of Teradici Cloud Access Connector that remediate vulnerabilities found in Apache Commons Text Text4Shell prior to 1.10.0, Apache Commons BCEL prior to 6.6.0, Apache Commons Configuration prior to 2.7, and ESAPI The OWASP Enterprise Security API prior to 2.3.0.0...
HPSBHF03678 rev. 2 - GRUB2 Bootloader Arbitrary Code Execution
Potential Security Impact Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported By: Eclypsium, Inc. VULNERABILITY SUMMARY HP has been informed of a potential security vulnerability in GRUB2 bootloaders commonly used by Linux. This vulnerability, known as “There’s a...
TPM Firmware August 2021 Security Update
Nuvoton has informed HP of a potential security vulnerability identified in certain versions of the Nuvoton NPCT75x TPM firmware which may allow information disclosure. Nuvoton has released firmware to mitigation this potential vulnerability. Nuvoton has released updates to mitigate the potential...
HPSBHF03573 rev. 15 - Side-Channel Analysis Method
Potential Security Impact Elevation of Privilege/Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported by: Google Project Zero VULNERABILITY SUMMARY An industry-wide vulnerability, known as side channel analysis method, has been disclosed with modern CPUs using...
AMD Client UEFI Firmware May 2023 Security Update
AMD has informed HP of potential vulnerabilities identified in client platform components for some AMD Athlon™ Processors and Ryzen™ Processors, which might allow arbitrary code execution, denial of service, and/or information disclosure. AMD is releasing firmware updates to mitigate these...
Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi May 2021 Security Updates
Intel has informed HP of potential security vulnerabilities identified in some Intel® PROSet/Wireless WiFi and Intel vPro® Converged Security and Management Engine CSME WiFi and Killer™ WiFi which may allow denial of service. Intel is releasing firmware and software updates to mitigate these...
HPSBHF03626 rev. 1 - Intel Turbo Boost Max Technology 3.0 Advisory
Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY HP has been notified of a potential security vulnerability with the Intel Turbo Boost Max Technology 3.0 Driver, which may allow escalation of privilege...
HP ThinPro 8.0 SP 7 Security Updates
Previous versions of HP ThinPro prior to HP ThinPro 8.0 SP7 could potentially contain security vulnerabilities. HP has released HP ThinPro SP7, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as part of Thin...
HPSBHF03671 rev.1 - HP lt4120 Snapdragon X5 LTE Driver Installer Escalation of Privilege
Potential Security Impact Escalation of Privilege, Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported by: TBD VULNERABILITY SUMMARY A potential security vulnerability has been identified with the installation package for the HP lt4120 Snapdragon X5 LTE Driver pri...
HPSBHF03652 rev.3 - Intel® Processor Graphics January 2020 Security Update
Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified of a potential security vulnerability with Intel® Processor Graphics that may allow an unauthenticated user to potentially enable...
HPSBGN03644 rev. 1 - HP Device Manager VNC Session Remote Unauthorized Access
Potential Security Impact Remote Unauthorized Access Source: HP, HP Product Security Response Team PSRT VULNERABILITY SUMMARY HP has identified an issue affecting VNC session security within HP Device Manager that could potentially be leveraged to create unauthorized connections. RESOLUTION HP is...
HP ThinPro 8.0 SP 8 Security Updates
...
HP ThinPro Linux Escalation of Privilege
A potential security vulnerability, known as PwnKit, has been identified in all versions of HP ThinPro OS, which might allow local escalation of privilege. For customers who cannot upgrade to HP ThinPro 7.2 and apply the patch, the following mitigation steps prevent nonprivileged customers from...
HP ThinPro 8.0 SP 9 Security Updates
Previous versions of HP ThinPro prior to HP ThinPro 8.0 SP 9 could potentially contain security vulnerabilities. HP has released HP ThinPro 8.0 SP 9, which includes updates to mitigate potential vulnerabilities. All the identified vulnerabilities listed above were addressed and fixed as part of t...
AMD® Ryzen Master™ SDK February 2023 Security Update
AMD has informed HP of a potential security vulnerability identified in the AMD® Ryzen Master™ Monitoring SDK, which might allow escalation of privilege. AMD has released software to mitigate the potential vulnerability. AMD has released updates to mitigate the potential vulnerability. HP has...
HP Device Manager Security Updates
Previous versions of HP Device Manager prior to HPDM 5.0.10 could potentially allow command injection and/or elevation of privileges. HP has released HP Device Manager 5.0.10, which includes updates to mitigate these potential vulnerabilities. All the identified vulnerabilities listed previously...
HP ThinPro 8.1 SP 2 Security Updates
Previous versions of HP ThinPro prior to HP ThinPro 8.1 SP 2 could potentially contain security vulnerabilities. HP has released HP ThinPro 8.1 SP 2, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as part o...
AMD Client UEFI Firmware May 2022 Security Updates
AMD has informed HP of potential vulnerabilities identified in AMD client platform firmware components, which might allow arbitrary code execution, denial of service, and/or information disclosure. AMD is releasing firmware updates to mitigate these vulnerabilities. AMD has released updates to...
Intel® Thunderbolt™ Driver November 2021 Security Updates
Intel has informed HP of potential security vulnerabilities identified in the Intel® Thunderbolt™ Driver for Windows which may allow escalation of privilege in the non-Declarative Componentized Hardware non-DCH driver versions and denial of service in the Declarative Componentized Hardware DCH...
HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability
Potential Security Impact Disclosure and Modification of Information Source: HP, HP Product Security Response Team PSRT Reported by: N/A VULNERABILITY SUMMARY Certain HP printers are vulnerable to the Key Negotiation of Bluetooth KNOB attack. Data over Bluetooth can be intercepted, decrypted, and...
HPSBHF03635 rev. 3 - Intel 2019.2 IPU Ethernet 700 Series Controllers Security Updates
Potential Security Impact Escalation of Privilege, Denial of Service, or Information Disclosure Source: Intel, HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Multiple potential security vulnerabilities have been identified with Intel® Ethernet 700 Series...
HPSBHF03584 rev. 8 - Derivative Side-Channel Analysis Method
Potential Security Impact Unauthorized exposure of privileged data from memory. Source: HP, HP Product Security Response Team PSRT Reported By: CVE-2018-3639: Google Project Zero GPZ Microsoft Security Response Center MSRC CVE-2018-3640: Researchers from SYSGO AG and BiZone LLC VULNERABILITY...
Potential Escalation of Privilege in HP Factory Preinstalled Windows 10 20H2 Images
HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 o...
HPSBHF03668 rev. 4 - Intel® 2020.1 IPU Special Register Buffer Data Sampling and Improper Data Forwarding
Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability involving cleanup errors from specific special register read operations and improper data...
AMD Graphics Driver November 2022 Security Update
AMD has informed HP of potential vulnerabilities affecting some AMD® Graphics products, which might allow escalation of privilege and code execution. AMD is releasing an updated AMD Graphics Driver to mitigate the potential vulnerabilities. AMD has released updates to mitigate the potential...
HPSBHF03670 rev. 2 - Intel® Processors Data Leakage Advisory
Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability involving cleanup errors in some data cache evictions in some Intel® Processors that may allow a...
HPSBHF03650 rev. 2 - HP System Event Utility Execution of Arbitrary Code
Potential Security Impact Execution of Arbitrary Code Source: HP, HP Product Security Response Team PSRT Reported By: John Page aka Hyp3rlinx of ApparitionSec VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to...
Insyde UEFI Firmware March 2023 Security Update (TOCTOU)
Potential Time-of-Check to Time-of-Use TOCTOU vulnerabilities have been identified in certain HP PC products using Insyde UEFI firmware InsydeH20, which may allow arbitrary code execution, denial of service, and information disclosure. Firmware updates have been released to mitigate the potential...
NVIDIA GPU Display Driver August 2022 Security Update
NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which may allow escalation of privilege, code execution, denial of service, and information disclosure. NVIDIA has released updates to mitigate these vulnerabilities. NVIDIA has...
Intel Wireless Wi-Fi February 2022 Security Update
Intel has informed HP of potential security vulnerabilities identified in some Intel® PROSet/Wireless Wi-Fi, Intel® Active Management Technology Intel® AMT Wireless and Killer™ Wi-Fi products which may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing...
BIOS June 2021 Security Updates
Intel has informed HP of potential security vulnerabilities identified in a some Intel® Virtualization Technology for Directed I/O VT-d products which may allow escalation of privilege, b in the BIOS firmware for some Intel® Processors which may allow escalation of privilege or denial of service,...
AMD Client UEFI Firmware January 2023 Security Updates
AMD® has informed HP of potential vulnerabilities identified in the AMD client platform firmware components which might allow arbitrary code execution and/or denial of service. AMD is releasing firmware updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential...
HP Jumpstart Escalation of Privilege
A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software. HP Jumpstart software has been discontinued and has been replaced by myHP software. HP...
Intel® Wireless Bluetooth® and Killer™ Bluetooth® June 2021 Security Update
Intel has informed HP of potential security vulnerabilities in Intel® Wireless Bluetooth® products and Killer™ Bluetooth® products which may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the...
Certain HP Printers and MFP products - Cross-Site Scripting (XSS)
A potential security vulnerability has been identified for certain HP printers and MFPs. In jQuery versions before 3.5.0, passing HTML from untrusted sources may execute untrusted code. Update your printer firmware...
HP PC BIOS August 2022 Additional Updates for Potential SMM and TOCTOU Vulnerabilities
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential vulnerabilities. HP has...
HPSBHF03667 rev. 2 - Intel® 2020.1 IPU - CSME, SPS, TXT, AMT and DAL Security Updates
Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified by Intel of potential security vulnerabilities in the Intel® Converged Security and...
HPSBHF03638 rev. 4 - Intel 2019.2 IPU BIOS Security Updates
Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Multiple security vulnerabilities have been identified by Intel. Intel is releasing updates for BIOS, Voltage...
Intel 2023.2 IPU – BIOS May 2023 Security Update
Intel has informed HP of potential vulnerabilities identified in BIOS firmware for some Intel® Processors which might allow escalation of privilege and information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate t...