613 matches found
Intel Connectivity Performance Suite November 2023 Security Update
Intel has informed HP of a potential security vulnerability in the Intel® Connectivity Performance Suite software for some Intel® Wireless Products, which might allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates t...
Qualcomm and Mediatek Wireless Bluetooth April 2022 Security Updates
Qualcomm® and Mediatek have informed HP of potential security vulnerabilities in their Bluetooth devices which may allow denial of service. Software updates have been released to mitigate the potential vulnerabilities. Qualcomm and Mediatek have released updates to mitigate the potential...
Certain HP Enterprise LaserJet MFPs, HP Enterprise PageWide MFPs, HP Digital Sender - Stored cross site scripting (XSS)
Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting XSS. Update your printer software...
Intel® Graphics Drivers August 2021 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Graphics Drivers which may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...
Intel® PROSet/Wireless WiFi Driver June 2021 Security Update
Intel has informed HP of a potential security vulnerability identified in the Intel® PROSet/Wireless WiFi drivers which may allow information disclosure and denial of service. Intel is releasing a software update to mitigate this potential vulnerability. Intel has released updates to mitigate the...
HPSBHF03641 rev. 1 - Intel® Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise Advisory
Potential Security Impact Escalation of Privilege, Denial of Service Source : HP, HP Product Security Response Team PSRT Reported by : Intel VULNERABILITY SUMMARY HP has been notified of a potential security vulnerability with Intel Accelerated Storage Manager in Intel Rapid Storage Technology...
HPSBPI03619 rev. 2 - Certain HP LaserJet Pro and MFP Printers, Multiple Potential Security Vulnerabilities
Potential Security Impact XSS, CSRF, Potential Buffer Overflow Reported by: Mario Rivas and Daniel Romero, NCC Group VULNERABILITY SUMMARY HP has identified potential security vulnerabilities with certain HP printers. The vulnerabilities could be exploited to perform Cross-site scripting XSS,...
HPSBHF03591 rev. 1 - Intel Wireless Driver DLL Injection Vulnerability
Potential Security Impact Escalation of privilege Source: Intel, HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY HP has been notified of a security vulnerability in the installation executables Autorun.exe and Setup.exe for Intel's wireless drivers and related...
HPSBPI03559 rev 1 - HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS, Cross Site Scripting (XSS)
Potential Security Impact Cross Site Scripting XSS Reported by: Jerry Decime VULNERABILITY SUMMARY HP has identified a potential security vulnerability with certain HP printers. The vulnerability could be exploited to perform a cross site scripting XSS attack. RESOLUTION HP has provided firmware...
HPSBHF02878 rev.1 - HP Smart Zero Client, Unauthorized Access
Potential Security Impact Unauthorized access VULNERABILITY SUMMARY A potential security vulnerability has been identified with the HP Smart Zero Client. This vulnerability could be exploited by a local user on the device to gain unauthorized access. RESOLUTION HP has provided updated operating...
HPSBPI02635 SSRT100391 rev.2 - HP Web Jetadmin Running on Windows, Local Unauthorized Access to Managed Resources
Potential Security Impact Local unauthorized access to managed resources VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP Web Jetadmin running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to resources managed by W...
HP Software Packages (SoftPaqs) – Potential Escalation of Privilege
Certain HP software packages SoftPaqs are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages SoftPaqs. HP has provided updated software packages SoftPaqs available from our website...
Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow
Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to buffer overflow when using libwebp in Google Chrome or other web browsers. This issue occurs in all versions of libwebp prior to 1.3.2. Update your printer firmware...
Intel Thunderbolt DCH Drivers for Windows February 2024 Security Updates
Intel has informed HP of potential security vulnerabilities in some Intel® Thunderbolt™ Declarative Componentized Hardware DCH drivers for Windows, which might allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing software updates to mitigate these...
AMI UEFI Firmware December 2022 Security Update (TOCTOU)
A potential Time-of-Check to Time-of-Use TOCTOU vulnerability has been identified in certain HP PC products using AMI UEFI Firmware system BIOS which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential...
HP PC BIOS November 2022 Security Updates for Potential TOCTOU Vulnerabilities
Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential...
Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers - Information disclosure
Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure. Update your printer firmware...
Intel® Rapid Storage Technology June 2021 security update
Intel has informed HP of a potential security vulnerability in the Intel® Rapid Storage Technology software which may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP...
HPSBHF03698 rev. 2 - Intel® Thunderbolt™ DCH Drivers November 2020 Security Updates
Potential Security Impact Escalation of Privilege, Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in some Intel® Thunderbolt™ DCH drivers for Windows which ma...
HPSBHF03633 rev.1 - Intel Rapid Storage Technology (RSTe) Driver Installer Vulnerability
Potential Security Impact Escalation of privilege VULNERABILITY SUMMARY HP has been notified of a security vulnerability with the driver pack installers for IntelR RSTe package versions before version 4.7.0.2083 that may allow an authenticated user to escalate privilege via local access. RESOLUTI...
HPSBPI03555 rev. 2 - HP PageWide Printers, HP OfficeJet Pro Printers, Arbitrary Code Execution
Potential Security Impact Certain HP PageWide Pro printers and certain HP OfficeJet Pro printers, possible execution of arbitrary code. VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP printers. This vulnerability could potentially be exploited to execu...
HPSBHF03513 rev.2 - HP PCs and Workstations running Windows and Linux with NVIDIA Graphics Driver, Local Denial of Service (DoS), Elevation of Privilege
Potential Security Impact Denial of Service DoS, elevation of privilege VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP PCs and workstations with Windows and Linux running the NVIDIA Graphics Driver. The vulnerabilities could be locally exploited...
HPSBPI02398 SSRT080166 rev.7 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
Potential Security Impact Remote unauthorized access to files VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized acces...
HPSBPI01085 SSRT4840 rev.3 - HP LaserJet, Remote Denial of Service (DoS)
Potential Security Impact Remote Denial of Service DoS VULNERABILITY SUMMARY A potential security vulnerability has been identified with the remote upgrade capability of Laserjet printers. This vulnerability could be exploited remotely to create a Denial of Service DoS. RESOLUTION The following...
HP PC BIOS October 2022 PCR Measurement Update
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerabilities. HP has identified...
Certain HP print products with Wi-Fi - Potential remote code execution, denial of service
Certain HP Print devices may be vulnerable to potential remote code execution or denial of service within Wi-Fi radio range of the device. HP has provided an updated firmware resolution for potentially affected products listed in the table below...
Certain HP Print Products – Potential information disclosure, denial of service, remote code execution
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Update your printer firmware...
Intel BSSA DFT July 2021 Security Update
Intel has informed HP of a potential security vulnerability identified in the Intel BSSA DFT feature which may allow escalation of privilege. Firmware updates are being released to mitigate this potential vulnerability. Intel has released guidance to mitigate the potential vulnerability. HP has...
HPSBHF03714 rev. 1 - Intel® XMM™ 7360 Cell Modem February 2021 Security Update
Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability identified in the Intel® XMM™ 7360 Cell Modem that might allow denial of service. Intel is releasing...
HPSBHF03675 rev. 1 - Synaptics® Fingerprint Drivers that use SGX
Potential Security Impact Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported By: Synaptics ® VULNERABILITY SUMMARY Synaptics has notified HP of a potential security vulnerability in certain versions of Synaptics Fingerprint Sensor Drivers using Intel® Software...
HPSBHF03663 rev. 1 - HP Sure Sense Unauthorized Code Execution
Potential Security Impact Unauthorized Code Execution Source: HP, HP Product Security Response Team PSRT Reported By: Flavio Baldassi of Horizon Security VULNERABILITY SUMMARY A potential security vulnerability in the HP Sure Sense driver may allow Unauthorized Code Execution. RESOLUTION note: Th...
HPSBPI03660 rev. 1 - HP Inkjet Printers Account Lockout Issue
Potential Security Impact Account lockout bypass Source: HP, HP Product Security Response Team PSRT Reported by: Alexander Drabek, Logically Secure Limited VULNERABILITY SUMMARY A potential security vulnerability has been identified for certain HP Printers and All-in-Ones that would allow bypassi...
HPSBHF03654 rev. 2 - HP Wide Vision FHD Camera Firmware Security Update
Potential Security Impact Arbitrary Code Execution, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: Rick Altherr of Eclypsium VULNERABILITY SUMMARY Potential security vulnerabilities in the HP Wide Vision FHD Camera firmware may allow the ability to update the...
HPSBGN03623 rev. 1 - Exposure of Application Configuration Details - Samsung Mobile Print (Android)
Potential Security Impact Application's configuration details exposed Source: HP, HP Product Security Response Team PSRT Reported by: Akshay Jain Appknox VULNERABILITY SUMMARY A potential security vulnerability caused by incomplete obfuscation of application configuration information. HP has no...
HPSBHF03609 rev. 3 - TPM Platform Configuration Vulnerability After S3 Resume
Potential Security Impact Information Disclosure, Denial of Service, Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported by: Seunghun Han, National Security Research Institute VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with the...
HPSBGN3547 rev.2 - HP Device Manager, Remote Read Access to Arbitrary Files
Potential Security Impact Remote read access to arbitrary files. Source: HP, HP Product Security Response Team PSRT VULNERABILITY SUMMARY Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. dot dot in the...
HPSBPI02733 SSRT100646 rev.2 - Certain HP LaserJet Printers, Remote Unauthorized Access to Files
Potential Security Impact Remote unauthorized access to files VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. RESOLUTION HP has provided firmware...
HPSBPI02500 SSRT090263 rev.2 - HP Web Jetadmin, Remote Unauthorized Access to Data, Denial of Service (DoS)
Potential Security Impact Remote unauthorized access to data, Denial of Service DoS VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Web Jetadmin. The vulnerabilities could be exploited remotely to gain unauthorized access to data or to create a Denial of...
HP Hotkey Support – Escalation of Privilege
A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. HP is releasing mitigation for the potential vulnerability. Customers using HP Programmable Key are recommended to update HP Hotkey Support. HP has identified...
HP Display Control Software – Escalation of Privilege
Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege. HP is releasing software updates to mitigate these potential vulnerabilities. Update to HP Application Enabling...
NVIDIA GPU Display Driver June 2024 Security Update
NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow code execution, denial of service, escalation of privilege, information disclosure, and data tampering. NVIDIA has released software updates to mitigate these...
NVIDIA® GPU Display Driver October 2023 Security Update
NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows which may allow escalation of privilege, code execution, denial of service, or information disclosure. NVIDIA has released updates to mitigate these vulnerabilities. NVIDIA has...
Intel 2023.4 IPU Out-of-Band (OOB) Processor Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Processors, which might allow escalation of privilege and/or information disclosure and/or denial of service via local access. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has release...
HP t430 and t638 Thin Clients - Firmware Tampering Vulnerability
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers t...
AMI UEFI Firmware June 2023 Security Update (TOCTOU)
A potential Time-of-Check to Time-of-Use TOCTOU vulnerability has been identified in certain HP PC products using AMI UEFI Firmware system BIOS, which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability. AMI has released updates to mitigate the...
HP Wolf Security Software July 2022 Update
HP has been informed of potential vulnerabilities known as RETbleed identified in some Intel® Processors and in some AMD® Processors, which may allow information disclosure. HP is releasing updates to Wolf Security software to implement the suggested mitigations from the CPU vendors. HP has...
HP Security Manager, Web Jetadmin, Digital Sending Software, and Easy Printer Manager - Potential XXE-based attacks
HP Security Manager, Web Jetadmin, Digital Sending Software, and Easy Printer Manager bundled in certain print driver packages may be vulnerable to potential XXE XML External Entity based attacks. HP has provided software updates to remediate the issue for the potentially affected products listed...
HP OfficeJet 7110 Wide Format ePrinter – Cross-Site Scripting (XSS)
A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting XSS. Update your printer firmware...
HPSBHF03692 rev. 1 - AMD® Radeon™ Graphics Driver D3DKMTCreateAllocation Handler Denial of Service
Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: AMD VULNERABILITY SUMMARY AMD has informed HP of a potential security vulnerability identified in the AMD® Radeon™ Graphics Drivers for Windows which may allow denial of service. For detail...
HPSBPI03691 rev. 1 - HP Linux Imaging and Printing Software - Potential Memory Buffer Overflow
Potential Security Impact Memory Buffer Overflow Source: HP, HP Product Security Response Team PSRT Reported by: Kevin Backhouse of GitHub Security Lab VULNERABILITY SUMMARY The HP Linux Imaging and Printing HPLIP software may potentially be affected by memory buffer overflow. RESOLUTION HP has...