610 matches found
HP Hotkey Support – Escalation of Privilege
A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. HP is releasing mitigation for the potential vulnerability. Customers using HP Programmable Key are recommended to update HP Hotkey Support. HP has identified...
NVIDIA GPU Display Driver June 2024 Security Update
NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow code execution, denial of service, escalation of privilege, information disclosure, and data tampering. NVIDIA has released software updates to mitigate these...
Intel Graphics Command Center Service Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Graphics Command Center Service software bundled in some Intel® Graphics Windows DCH driver software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability...
Tera2 Zero Client and Remote Workstation Card Firmware – Service Location Protocol
A potential denial of service vulnerability has been identified in Tera2 Zero Client and Remote Workstation Card RWC Firmware when using Service Location Protocol SLP. HP is providing recommended guidance to mitigate this potential vulnerability. The Service Location Protocol SLP, RFC 2608 is...
AMI UEFI Firmware January 2024 EDK II Reference Vulnerabilities
Potential EDK II reference code vulnerabilities have been identified in certain HP PC products using AMI UEFI Firmware system BIOS, which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerabilities. AMI has released updates to mitigate the potential...
HP t430 and t638 Thin Clients - Firmware Tampering Vulnerability
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers t...
AMI UEFI Firmware June 2023 Security Update (TOCTOU)
A potential Time-of-Check to Time-of-Use TOCTOU vulnerability has been identified in certain HP PC products using AMI UEFI Firmware system BIOS, which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability. AMI has released updates to mitigate the...
Certain HP LaserJet, PageWide Pro Print Products - Potential Heap Overflow, Remote Code Execution
Certain HP LaserJet and PageWide Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. Update the printer firmware...
HPSBHF03717 rev. 3 - Intel® Ethernet Controllers February 2021 Security Updates
Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in some Intel® Ethernet Controllers which may allow denial of service. Intel is releasing...
HPSBHF03606 rev. 2 - Intel Platform System BIOS Security Updates
Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Intel Platform Firmware that could allow privileged...
HPSBHF3550 rev. 2 - HP ThinPro Keyboard Layout Control Panel and Virtual Keyboard Application Vulnerability
Potential Security Impact Local unauthorized access and unintentional elevation of privilege on a HP thin client device. VULNERABILITY SUMMARY A potential security vulnerability has been identified with the keyboard layout control panel and virtual keyboard application on HP ThinPro operating...
HPSBPI02892 rev.2 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information
Potential Security Impact Weak PDF encryption and local disclosure of information VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP FutureSmart LaserJet printers. The vulnerabilities might lead to weak encryption of PDF documents or local disclosure of...
HPSBPI02794 SSRT100542 rev.2 - Certain HP Photosmart Printers, Remote Denial of Service (DoS)
Potential Security Impact Remote Denial of Service DoS VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP Photosmart printers. The vulnerability could be exploited remotely to create a Denial of Service DoS. RESOLUTION HP has provided firmware updates to...
HP Display Control Software – Escalation of Privilege
Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege. HP is releasing software updates to mitigate these potential vulnerabilities. Update to HP Application Enabling...
PCoIP Management Console – Potential Denial of Service
A vulnerability has been reported in the Grails open-source web framework used by Teradici PCoIP Management Console, which might potentially lead to a JVM crash or denial of service. An updated Teradici PCoIP Management Console has been released to mitigate this issue. Customers using Management...
UC Software - Missing Authorization
A potential vulnerability was discovered in certain Trio devices. An attacker with physical access to a device without administrator privileges can gain administrative access through the Poly Lens interface due to a potential authorization vulnerability. This is only possible for devices that are...
Certain HP Enterprise LaserJet and HP LaserJet Managed printers - Potential information disclosure
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6. Update the printer firmware...
Intel® Optane™ DC Persistent Memory for Windows June 2021 Security Update
Intel has informed HP of a potential security vulnerability in the Intel® Optane™ DC Persistent Memory for Windows software which may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential...
HPSBHF03704 rev. 3 - AMD® Firmware TPM November 2020 Security Update
Potential Security Impact Escalation of Privilege, Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported by: AMD VULNERABILITY SUMMARY AMD has informed HP of a potential security vulnerability identified in the AMD Firmware TPM which may allow escalation of privilege...
HPSBHF03612 rev. 2 - Synaptics Audio Driver Package Allowing System Level Access to the Registry
Potential Security Impact Escalation of privilege Source: Synaptics, HP Product Security Response Team PSRT Reported By: Synaptics VULNERABILITY SUMMARY A potential security vulnerability has been identified with the Synaptics previously Conexant Sound Device Driver CxUtilSVc.exe component...
HPSBHF03578 rev. 5 - Intel Graphics Driver - Pointer Dereference / Type Confusion in HECI Service
Potential Security Impact Elevation of Privilege Source: HP, HP Security Response Team PSIRT Reported by: Intel VULNERABILITY SUMMARY CVE-2017-5717: The Intel® Content Protection HECI Service has a Type Confusion vulnerability which potentially can lead to a privilege escalation. The HECI service...
HPSBHF03560 rev 1 - Possible Elevation of Privilege and Information Disclosure via Intel® Software Guard Extensions (Intel® SGX) Vulnerability
Potential Security Impact Elevation of privilege, information disclosure Source: Intel Reported by: Intel VULNERABILITY SUMMARY Intel has discovered a vulnerability that could impact the security of Intel® Software Guard Extensions Intel® SGX. Before exploiting this vulnerability, the malicious...
HPSBPI03556 rev 1 - HP Web Jetadmin, Denial of Service
Potential Security Impact HP Web Jetadmin, potential denial of service Reported by: Konrad Ferbes and Vojtěch Dziewięcki from F-Secure VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP Web Jetadmin. This vulnerability could potentially be exploited to create a...
HPSBMI02614 SSRT100344 rev.2 - HP webOS Contacts Application, Remote Execution of Arbitrary Code
Potential Security Impact Remote execution of arbitrary code VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP webOS Contacts Application. This vulnerability could be exploited to execute arbitrary HTML or JavaScript. RESOLUTION The vulnerability can be resolved...
Certain HP PC BIOS Logo Vulnerabilities
Potential security vulnerabilities, known as LogoFAIL, have been reported in the AMI BIOS and the Insyde BIOS used in certain HP PC products, which might allow escalation of privilege, arbitrary code execution, denial of service, information disclosure, and/or data tampering. AMI and Insyde are...
Intel Extreme Tuning Utility (XTU) May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Extreme Tuning Utility XTU software, which might allow escalation of privilege. Intel is releasing updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP ha...
Intel Virtual RAID on CPU (VROC) February 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Virtual RAID on CPU VROC software, which might allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...
Intel Graphics Drivers November 2023 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Graphics drivers, which might allow escalation of privilege, denial of service and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to...
HP Security Manager and Web Jetadmin - Potential remote code execution
HP Security Manager and Web Jetadmin may potentially be vulnerable to Remote Code Execution when using certain versions of Microsoft SQL Server Express. For additional information regarding the potential vulnerability and Microsoft SQL security patches for existing installations, please visit the...
HPSBHF03715 rev. 1 - Intel® Optane™ DC Persistent Memory Software February 2021 Security Update
Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability identified in the Intel® Optane™ DC Persistent Memory installer for Windows Server 2019 which m...
HPSBPI03613 rev. 1 - HP DeskJet 3630 Printers - Cross Site Request Forgery
Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Tim Coen VULNERABILITY SUMMARY Certain HP DeskJet 3630 All-in-One Printers have a Cross Site Request Forgery CSRF vulnerability that could lead to a denial of service DOS or device...
HPSBHF03581 rev. 4 - AMD Secure Processor and Promontory Chipset Exploits
Potential Security Impact Circumvention of platform security controls, unauthorized access to system memory, installation of difficult to detect malware. Source: CTS Reported By: CTS VULNERABILITY SUMMARY Vulnerability | Description | Impact ---|---|--- MASTERKEY | Attacker who already has...
AMD Client UEFI Firmware August 2025 Security Update
AMD has informed HP of potential vulnerabilities identified in some AMD client processor platforms, which might lead to loss of confidentiality, loss of integrity, arbitrary code execution, loss of availability, or denial of service. AMD is releasing firmware updates to mitigate these...
HP PC BIOS Additional Security Update for TOCTOU
A potential Time-of-Check to Time-of Use TOCTOU vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability. HP has...
Intel 2024.2 IPU - BIOS May 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Processors, which might allow information disclosure and/or denial of service. Intel is releasing microcode updates to mitigate the potential vulnerabilities. Intel has released updates to mitigate the potential...
UC Software – Unverified Password Change
A potential vulnerability was discovered in certain Poly devices. An attacker who can take over a web server session can also change the administrator password without knowledge of the current password due to an improper authentication check. HP recommends that customers disable the web server an...
Intel Rapid Storage Technology Software November 2023 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Rapid Storage Technology software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability...
Intel® Virtual RAID on CPU (VROC) August 2023 Security Updates
Intel has informed HP of a potential security vulnerability identified in the Intel® Virtual RAID on CPU VROC software, which might allow escalation of privilege. Intel is releasing software updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential...
Intel® Wireless Bluetooth® and Killer™ Bluetooth® February 2022 Security Updates
Intel has informed HP of potential security vulnerabilities identified in some Intel® Wireless Bluetooth® and Killer™ Bluetooth® products which may allow denial of service. Intel is releasing software and firmware updates to mitigate these potential vulnerabilities. Intel has released updates to...
HPSBHF03695 rev. 1 - Intel® HID Event Filter Driver November 2020 Security Update
Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability identified in the Intel® Human Interface Device HID Event Filter Driver which may allow...
HPSBPI03628 rev .1 - Samsung Laser Printers, Denial of Service
Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: XiaoyuHe VULNERABILITY SUMMARY A potential security vulnerability has been identified with Samsung Laser Printers. This vulnerability could potentially be exploited to create a denial of...
HPSBHF03587 rev. 1 - Information Disclosure Vulnerability in Storage Media in Systems with Intel® Optane™ Memory Module with Whole Disk Encryption
Potential Security Impact Some platforms configured with Whole Disk Encryption and an Intel® Optane™ memory module, may be at risk of data remaining unencrypted and potentially accessible under specific conditions. Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILIT...
HPSBPI02828 SSRT100778 rev.2 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS)
Potential Security Impact Cross-site scripting XSS VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP LaserJet and Color LaserJet printers. The vulnerability could be exploited to allow cross-site scripting XSS. RESOLUTION HP has provided firmware updates...
HP ThinPro 8.1 SP9 Security Updates
Previous versions of HP ThinPro prior to HP ThinPro 8.1 SP9 could potentially contain security vulnerabilities. HP has released HP ThinPro 8.1 SP9, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as part of ...
HP ThinPro 8.1 SP4 Security Updates
Previous versions of HP ThinPro prior to HP ThinPro 8.1 SP4 could potentially contain security vulnerabilities. HP has released HP ThinPro 8.1 SP4, which includes updates to mitigate potential vulnerabilities. All the identified vulnerabilities listed above were addressed and fixed as part of the...
AMD Client UEFI – Cross-Process Information Leak
AMD has informed HP of a potential security vulnerability identified in some AMD client processors, which might allow information disclosure. AMD released firmware updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has identified affect...
Intel 2024.1 IPU - Chipset Software March 2024 Security Update
Intel has informed HP of potential security vulnerabilities in the Intel® Converged Security Management Engine CSME installer and Intel® Local Manageability Service software which may allow escalation of privilege or information disclosure. Intel is releasing updates to mitigate these potential...
Intel 2023.4 IPU – BIOS November 2023 Security Update
Intel has informed HP of potential security vulnerabilities in the BIOS firmware for some Intel® Processors, which might allow escalation of privilege or denial of service. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the...
HyperX NGENUITY - Potential Elevation of Privilege
HyperX NGENUITY software is potentially vulnerable to an elevation of privilege vulnerability. This potential vulnerability was remediated on November 8, 2021. Use the following steps to resolve potential vulnerabilities...
HPSBGN03722 rev. 1 - HP Support Assistant Weak ACL and DLL Loading Vulnerability
Potential Security Impact Execution of arbitrary code. Source: HP, HP Product Security Response Team PSRT Reported by: Rémi ESCOURROU @remiescourrou VULNERABILITY SUMMARY A weak ACL may potentially allow an unauthorized person to load arbitrary code. RESOLUTION A patch was released on March 10,...