610 matches found
HPSBHF03701 rev. 2 - Intel® Ethernet 700 Series Controller November 2020 Security Update
Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in the Intel® Ethernet 700 Series Controllers which might allow...
HPSBHF03588 rev. 1 - Intel Q1 2018 Intel® Active Management Technology 9.x/10.x/11.x Security Review Cumulative Update and Intel® Management Engine 11.x Issue
Potential Security Impact Elevation of Privilege Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel has identified security vulnerabilities that could potentially place affected platforms at risk. The issues affect Intel® Active Management Technology...
HPSBGN03575 rev. 1 - BIOS Password Extraction Vulnerability on Certain HP Notebooks
Potential Security Impact The unencrypted password was able to be accessed by CMOS tools. Source: HP, HP Product Security Response Team PSRT Reported By: Bader Zaidan VULNERABILITY SUMMARY A BIOS password extraction vulnerability has been reported on certain consumer notebooks. The BIOS password...
HPSBPI02945 rev.2 - HP Officejet Pro 8500 (A909) All-in-One Printer, Cross-Site Scripting (XSS)
Potential Security Impact Cross-site scripting XSS VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP Officejet Pro 8500 A909 All-in-One Printer. The vulnerability could be exploited to allow cross-site scripting XSS. RESOLUTION HP has provided updated HP Officej...
AMD CPU Microcode Security Update
AMD has informed HP of a potential security vulnerability identified in the microcode patch loader for some AMD processors, which might allow arbitrary code execution and information disclosure. AMD is releasing firmware updates to mitigate these vulnerabilities. AMD has released updates to...
AMD SMM Vulnerabilities February 2025 Security Update
AMD has informed HP of potential vulnerabilities identified in some AMD client platform firmware components, which might allow arbitrary code execution. AMD is releasing firmware updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerabilities. HP has...
HP Sure Admin Security Update
A potential security vulnerability has been identified in certain HP PC products using HP Sure Admin, which might allow escalation of privilege. HP is releasing mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that...
Intel Extreme Tuning Utility (XTU) February 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Extreme Tuning Utility XTU software, which might allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...
Certain HP and Samsung printer software - Potential elevation of privileges
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. Update the printer software...
Intel® XMM™ 7560 Modem November 2022 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® XMM™ 7560 Modem software, which might allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential vulnerabilities. HP...
Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi, and Killer™ WiFi November 2022 Security Update
Intel has informed HP of a potential vulnerability identified in some Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi, and Killer™ WiFi products, which might allow denial of service. Intel is releasing a firmware update to mitigate this potential vulnerability. Intel has released updates to...
HPSBPI03686 rev. 1 - Certain HP Enterprise MFP products: Elevation of Privilege
Potential Security Impact Elevation of privilege Source: HP, HP Product Security Response Team PSRT Reported by: HP VULNERABILITY SUMMARY A potential security vulnerability has been identified for certain HP multifunction printers MFPs. The vulnerability may lead to elevation of privilege when...
HPSBHF03680 rev. 1 - Intel® PROSet/Wireless WiFi Software August 2020 Security Updates
Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability in some Intel® PROSet/Wireless WiFi software which may allow escalation of...
HPSBHF03673 rev. 4 - AMD® SMM Callout Privilege Escalation
Potential Security Impact Execution of Arbitrary Code Source: AMD Reported By: AMD VULNERABILITY SUMMARY A potential security vulnerability in AMD® software technology has been identified that, in the case of privileged physical or administrative access, an attacker could potentially manipulate...
HPSBHF03611 rev. 2 - NVIDIA GPU Display Driver Vulnerabilities
Potential Security Impact Denial of service, Escalation of privilege, Unauthorized code execution, or Information disclosure Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY HP has been notified of potential security vulnerabilities with the GPU Display...
HPSBGN03599 rev. 2 - Certificate Authentication Vulnerability in HP Remote Graphics Software
Potential Security Impact Information disclosure Source : HP, HP Product Security Response Team PSRT Reported by : Rowan Venables VULNERABILITY SUMMARY A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process. RESOLUTION HP has mitigated th...
HPSBHF03572 rev. 4 - Unsafe Opcodes Exposed in SPI
Potential Security Impact Denial of Service Source: Intel Reported By: Intel VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with how the SPI interface is configured on certain platforms. Specific SPI OpCodes may be left accessible and vulnerable to misuse. In the...
HPSBHF03553 rev 2 - HP ThinPro Escalation of Privilege via Command Line Shell
Potential Security Impact Local unauthorized escalation of privilege on an HP thin client device. VULNERABILITY SUMMARY A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system. The vulnerability could result in a local unauthorized...
HP ThinPro 8.1 SP8 Security Updates
Previous versions of HP ThinPro prior to HP ThinPro 8.1 SP8 could potentially contain security vulnerabilities. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as part of...
Intel Unite Software February 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Unite® software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerabilities. HP has...
UC Software - Hidden Functionality
A potential vulnerability was discovered in certain Trio devices. An attacker can enable a hidden configuration with knowledge of the administrator password, physical access to the device, and the ability to bypass the authentication process of the hidden configuration to gain a shell with elevat...
UC Software - Improper Neutralization of Special Elements Used in an OS Command
A potential vulnerability was discovered in certain Poly voice products. A flaw in the neutralization of data passed in the input fields within the web UI could result in an authenticated command injection. HP has identified affected products and corresponding firmware minimum versions that...
AMD Ryzen Master™ SDK August 2023 Security Update
AMD has informed HP of potential security vulnerabilities identified in the AMD® Ryzen Master™ SDK, which might allow arbitrary code execution, denial of service, or information disclosure. AMD has released software updates to mitigate the potential vulnerabilities. AMD has released updates to...
Certain HP Displays - Theft Deterrence
A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated. HP has identified affected monitors and corresponding SoftPaqs with minimum versions that mitigate the potential...
Intel® Unite® Hub Software August 2023 Security Update
Intel has informed HP of a potential vulnerability identified in the Intel® Unite® Hub software, which may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
Certain HP LaserJet Pro Print Products – Potential Buffer Overflow and/or Denial of Service
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. Update the printer firmware...
Certain HP LaserJet Pro Print Products - Potential Buffer Overflow
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. Update the printer firmware...
Intel 2022.2 IPU BIOS Security Updates
Intel has informed HP of a potential security vulnerability in some Intel® Processors, which might allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has identified...
HP ThinPro OS - File System Unlocked in HP ThinPro 7.2 Service Pack 8 (SP8)
A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 SP8. The security vulnerability in SP8 is not remedied after upgrading from SP8 to Service Pack 9 SP9. HP has released Service Pack 10 SP10 to remediate the potential vulnerability introduced in SP8. Upgrade t...
Certain HP LaserJet, LaserJet Managed, PageWide, PageWide Managed printers - Potential buffer overflow
Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed products may be vulnerable to potential buffer overflow. Update your printer firmware...
Intel Unite® Client for Windows June 2021 security updates
Intel has informed HP of potential security vulnerabilities in the Intel Unite® Client for Windows which may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential vulnerabilities. HP has...
HPSBGN03620 rev. 4 - HP Support Assistant Escalation of Privilege Vulnerability
Potential Security Impact Elevation of privilege and unauthorized modification of directories or files. Source: HP, HP Product Security Response Team PSRT Reported by: Philippe Laulheret McAfee Advanced Threat Research, ManhNDd Bkav Corporation VULNERABILITY SUMMARY The vulnerability allows a use...
HPSBHF03603 rev. 3 - Escalation of Privilege via Intel PROSet/Wireless Wi-Fi Software
Potential Security Impact Escalation of privilege Source: HP, HP Product Security Response Team PSRT, Intel Reported By: Intel VULNERABILITY SUMMARY A potential security vulnerability in Intel® PROSet/Wireless Wi-Fi Software might allow escalation of privilege. Intel has released a software updat...
HPSBHF03601 rev. 4 - Arbitrary Code Execution via Intel Smart Sound Technologies Driver
Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY HP has been informed of potential security vulnerabilities in the Intel Smart Sound Technologies driver module prior to version 9.21.00.354. These...
HPSBHF03593 rev. 2 - Firmware Trusted Platform Module (fTPM) for Select AMD Client Systems
Potential Security Impact Unauthorized access, elevation of privilege. Source: HP, HP Product Security Response Team PSRT Reported By: CTS-Labs VULNERABILITY SUMMARY A security vulnerability has been identified in specific versions of the AMD firmware-based Trusted Platform Module fTPM. The fTPM ...
HPSBGN03438 rev.2 - HP Support Assistant, Local Authentication Bypass
Potential Security Impact Authentication Bypass Source: HewlettPackard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified in HP Support Assistant. This vulnerability could be exploited locally to allow authentication bypass...
HPSBPI03147 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access, Denial of Service (DoS)
Potential Security Impact Remote unauthorized access to data, Denial of Service DoS VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create ...
HPSBHF02865 SSRT101158 rev.2 - HP ElitePad 900, Secure Boot Configuration Inconsistency
Potential Security Impact Secure Boot configuration inconsistency VULNERABILITY SUMMARY A potential vulnerability has been identified with certain HP ElitePad tablet PCs. The secure boot feature of the BIOS may not be enabled, allowing alternate operating systems to be booted in contradiction wit...
HPSBPI01026 SSRT2397 rev.3 - HP Web Jetadmin, Remote Unauthorized Access, Denial of Service (DoS)
Potential Security Impact Remote unauthorized access to files, Denial of Service DoS VULNERABILITY SUMMARY A potential vulnerability has been identified with HP Web Jetadmin. The vulnerability could be exploited to allow remote unauthorized access to files or to create a Denial of Service DoS...
HPSBPI02185 SSRT071290 rev.4 - HP Jetdirect Running ftp, Remote Denial of Service (DoS)
Potential Security Impact Remote Denial of Service DoS VULNERABILITY SUMMARY A potential vulnerability has been identified with HP Jetdirect running ftp. The vulnerability could be exploited remotely to create a Denial of Service DoS. RESOLUTION This vulnerability can be resolved by upgrading the...
Intel Chipset Firmware February 2026 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability, which might allow denial of service or information disclosure. Intel is...
HP ThinPro 8.1 SP7 Security Updates
Previous versions of HP ThinPro prior to HP ThinPro 8.1 SP7 could potentially contain security vulnerabilities. HP has released HP ThinPro 8.1 SP7, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as part of...
Intel PROSet/Wireless WiFi February 2025 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Killer™ WiFi software products, which might allow information disclosure or denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Intel ha...
Certain HP LaserJet Pro Printers – Potential Information Disclosure
A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed. Update your printer...
Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers - Potential Buffer Overflow, Potential Remote Code Execution
Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file. Update your printer firmware...
UC Software - Use of Insufficiently Random Values
A potential vulnerability was discovered in certain Poly devices. A potential flaw allows an attacker to predict a session and piggyback onto an active administrator session of the web server. The potential vulnerability is dependent on the administrator maintaining an active session. HP has...
Certain HP OfficeJet Pro Printers – Potential Denial of Service
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header. Update your printer firmware...
Certain HP LaserJet Pro Print Products - Potential Remote Code Execution, Information Disclosure
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery SSRF using the Web Service Eventing model. Update the printer firmware...
HPSBHF03595 rev. 6 - LoJax UEFI Rootkit
Potential Security Impact Elevation of Privilege, Information Disclosure, Loss of Confidentiality, Loss of Integrity. Source: HP, HP Product Security Response Team PSRT Reported by: ESET Research VULNERABILITY SUMMARY HP has identified a potential security vulnerability with a UEFI rootkit LoJax...