617 matches found
Certain HP OfficeJet Pro Printers – Potential Denial of Service
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header. Update your printer firmware...
Certain HP Displays - Theft Deterrence
A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated. HP has identified affected monitors and corresponding SoftPaqs with minimum versions that mitigate the potential...
Certain HP LaserJet Pro Print Products - Potential Remote Code Execution, Information Disclosure
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery SSRF using the Web Service Eventing model. Update the printer firmware...
Certain HP LaserJet Pro Print Products - Potential Buffer Overflow
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. Update the printer firmware...
Certain HP PageWide Pro printers - Potential denial of service
Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service attack. HP has provided firmware updates for potentially affected products listed in the table below...
HP ThinPro OS - File System Unlocked in HP ThinPro 7.2 Service Pack 8 (SP8)
A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 SP8. The security vulnerability in SP8 is not remedied after upgrading from SP8 to Service Pack 9 SP9. HP has released Service Pack 10 SP10 to remediate the potential vulnerability introduced in SP8. Upgrade t...
Intel Unite® Client for Windows June 2021 security updates
Intel has informed HP of potential security vulnerabilities in the Intel Unite® Client for Windows which may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential vulnerabilities. HP has...
HPSBGN03620 rev. 4 - HP Support Assistant Escalation of Privilege Vulnerability
Potential Security Impact Elevation of privilege and unauthorized modification of directories or files. Source: HP, HP Product Security Response Team PSRT Reported by: Philippe Laulheret McAfee Advanced Threat Research, ManhNDd Bkav Corporation VULNERABILITY SUMMARY The vulnerability allows a use...
HPSBHF03603 rev. 3 - Escalation of Privilege via Intel PROSet/Wireless Wi-Fi Software
Potential Security Impact Escalation of privilege Source: HP, HP Product Security Response Team PSRT, Intel Reported By: Intel VULNERABILITY SUMMARY A potential security vulnerability in Intel® PROSet/Wireless Wi-Fi Software might allow escalation of privilege. Intel has released a software updat...
HPSBHF03593 rev. 2 - Firmware Trusted Platform Module (fTPM) for Select AMD Client Systems
Potential Security Impact Unauthorized access, elevation of privilege. Source: HP, HP Product Security Response Team PSRT Reported By: CTS-Labs VULNERABILITY SUMMARY A security vulnerability has been identified in specific versions of the AMD firmware-based Trusted Platform Module fTPM. The fTPM ...
HPSBGN03438 rev.2 - HP Support Assistant, Local Authentication Bypass
Potential Security Impact Authentication Bypass Source: HewlettPackard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified in HP Support Assistant. This vulnerability could be exploited locally to allow authentication bypass...
HPSBHF03310 rev.2 - HP Thin Clients running Windows Embedded Standard 7 (WES7) or Windows Embedded Standard 2009 (WES09) with HP Easy Deploy, Remote Elevation of Privilege, Execution of Code
Potential Security Impact Remote elevation of privilege, execution of code VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP Thin Clients running Windows Embedded Standard 7 WES7 and Windows Embedded Standard 2009 WES09 and all versions of HP Easy Deplo...
HPSBPI03147 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access, Denial of Service (DoS)
Potential Security Impact Remote unauthorized access to data, Denial of Service DoS VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create ...
HPSBHF02865 SSRT101158 rev.2 - HP ElitePad 900, Secure Boot Configuration Inconsistency
Potential Security Impact Secure Boot configuration inconsistency VULNERABILITY SUMMARY A potential vulnerability has been identified with certain HP ElitePad tablet PCs. The secure boot feature of the BIOS may not be enabled, allowing alternate operating systems to be booted in contradiction wit...
HPSBPI02807 SSRT100928 rev.2 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access
Potential Security Impact Remote unauthorized access VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP LaserJet Pro 400 Multifunction Printers MFP. The vulnerabilities could be remotely exploited to allow unauthorized access. RESOLUTION HP has provided...
HPSBPI01026 SSRT2397 rev.3 - HP Web Jetadmin, Remote Unauthorized Access, Denial of Service (DoS)
Potential Security Impact Remote unauthorized access to files, Denial of Service DoS VULNERABILITY SUMMARY A potential vulnerability has been identified with HP Web Jetadmin. The vulnerability could be exploited to allow remote unauthorized access to files or to create a Denial of Service DoS...
AMD Graphics Driver August 2024 Security Update
AMD has informed HP of potential security vulnerabilities identified in some AMD Graphics Drivers for Windows, which might allow denial of service or information disclosure. AMD is releasing software updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential...
AMD Client UEFI Firmware August 2024 Security Update
AMD has informed HP of potential security vulnerabilities identified in some AMD client platform firmware components, which might allow arbitrary code execution, escalation of privilege, information disclose, or denial of service. AMD is releasing firmware updates to mitigate these vulnerabilitie...
Certain HP LaserJet Pro Printers – Potential Information Disclosure
A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed. Update your printer...
Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers - Potential Buffer Overflow, Potential Remote Code Execution
Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file. Update your printer firmware...
Intel Thunderbolt Controller February 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt™ Controllers, which might allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
HPSBHF03595 rev. 6 - LoJax UEFI Rootkit
Potential Security Impact Elevation of Privilege, Information Disclosure, Loss of Confidentiality, Loss of Integrity. Source: HP, HP Product Security Response Team PSRT Reported by: ESET Research VULNERABILITY SUMMARY HP has identified a potential security vulnerability with a UEFI rootkit LoJax...
HPSBPI03580 rev. 2 - Cross Site Request Forgery Vulnerability for Certain HP Enterprise and PageWide Printers
Potential Security Impact Elevation of Privilege. Reported by: Mohamed Abdelbaset Elnoby VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP Enterprise and PageWide printers and MFPs. This vulnerability is known as Cross Site Request Forgery and could...
HPSBGN03561 rev.2 - HP Support Assistant Potential Escalation of Privilege
Potential Security Impact Escalation of privilege and unauthorized modification of directories or files. Source: HP, HP Product Security Response Team PSRT Reported by: Danny Wei of Tencent's Xuanwu Lab VULNERABILITY SUMMARY The vulnerability allows attacker to extract binaries into protected fil...
HPSBPI03546 rev.3 - HP LaserJet Printers and MFPs, HP OfficeJet Enterprise Printers, Remote Disclosure of Information
Potential Security Impact Remote disclosure of information Source: HP Development Company, HP Product Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP LaserJet Printers and MFPs, and certain HP OfficeJet Enterprise printers and...
HPSBPI02868 SSRT101017 rev.2 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS)
Potential Security Impact Remote cross site scripting XSS VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP Managed Printing Administration MPA. The vulnerability could be exploited remotely resulting in cross site scripting XSS. RESOLUTION HP has made HP Manage...
HPSBPI02226 SSRT061274 rev.2 - HP Help and Support Center Running on HP Notebook Computers Running with Windows XP, Remote Unauthorized Access
Potential Security Impact Remote unauthorized access VULNERABILITY SUMMARY A potential security vulnerability has been identified in HP Help and Support Center running on HP Notebook Computers running with Windows XP. The vulnerability could be remotely exploited to allow unauthorized access to t...
Intel UEFI Reference Firmware March 2026 Security Update
Intel has informed HP of potential security vulnerabilities in UEFI for some Intel® reference platforms, which might allow escalation of privilege or information disclosure. Intel is releasing UEFI firmware updates to mitigate these potential vulnerabilities. Intel has released updates to mitigat...
HP Linux Imaging and Printing Software - Use of DSA Key
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm DSA. HP has identified affected versions and the minimum software version that...
Intel 2024.3 IPU – BIOS Security Updates
Intel has informed HP of potential security vulnerabilities for some Intel® Processors, which might allow escalation of privilege, denial of service or information disclosure. Intel is releasing UEFI firmware updates to mitigate these potential vulnerabilities. Intel has released updates to...
Intel Xeon Processor August 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Xeon® Processors, which might allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...
Certain HP LaserJet Pro – Potential Cross-Site Scripting (XSS)
Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting XSS attack via the web management interface of the device. Update your printer firmware...
Intel Extreme Tuning Utility (XTU) November 2023 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Extreme Tuning Utility XTU software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential...
Certain HP LaserJet Pro print products - Potential elevation of privilege and/or information disclosure
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints. Update the printer firmware...
Realtek HD Audio Driver December 2022 Security Update
HP has been informed of a potential security vulnerability identified in some Realtek® High-Definition Audio Windows drivers which might allow denial of service system crash. Realtek has released updated drivers to mitigate the potential vulnerability. Realtek released updates to mitigate the...
Intel® Optane™ PMem August 2021 Security Update
Intel has informed HP of a potential security vulnerability identified in some Intel® Optane™ Persistent Memory PMem, which may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability...
HPSBPI03693 rev. 1 - Certain HP OfficeJet Printers, Remote Denial of Service (DoS)
Potential Security Impact Denial of Service DOS Source: HP, HP Product Security Response Team PSRT Reported by: MT-SRG and VARAS VULNERABILITY SUMMARY HP has identified a potential security vulnerability with certain HP OfficeJet printers. The vulnerability could be exploited remotely to create a...
HPSBPI03646 rev.1 - Certain HP Enterprise MFP products: Elevation of Privilege
Potential Security Impact Elevation of privilege VULNERABILITY SUMMARY A potential security vulnerability has been identified for certain HP multifunction printers MFP which may lead to elevation of privilege. RESOLUTION HP has provided firmware updates for potentially impacted printers for the...
HPSBGN03577 rev 1 - Exposure of Application Configuration Details - Tommy Hilfiger TH24/7 Android app
Potential Security Impact Information exposure of application configuration. Reported By: Akshay Jain VULNERABILITY SUMMARY A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered. HP has no access to customer data as a result of...
HPSBPI02711 SSRT100647 rev.2 - HP MFP Digital Sending Software Running on Windows, Local Information Disclosure
Potential Security Impact Local information disclosure VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP MFP Digital Sending Software running on Windows. The vulnerability could result in disclosure of personal information contained in workflow metadata to...
HPSBMI02573 SSRT100227 rev.1 - Palm webOS, webOS Doc Viewer, Execution of Arbitrary Code
Potential Security Impact Execution of arbitrary code VULNERABILITY SUMMARY A potential security vulnerability has been identified with Palm webOS Doc Viewer. This vulnerability could be exploited to execute arbitrary code. RESOLUTION The vulnerability can be resolved by updating affected devices...
HPSBPI02532 SSRT100111 rev.3 - HP MFP Digital Sending Software Running on Windows, Local Unauthorized Access
Potential Security Impact Local unauthorized access VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP MFP Digital Sending Software running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to "Send to e-mail" and other...
HPSBPI2109 SSRT061141 rev.2 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information
Potential Security Impact Remote unauthorized disclosure of information VULNERABILITY SUMMARY A potential security vulnerability has been identified in the HP Color LaserJet 2500 and 4600 Toolbox, which may allow an unauthorized remote attacker to read arbitrary files. RESOLUTION HP has provided...
Nuvoton ECHD Key Security Update
Nuvoton has informed HP of a potential security vulnerability identified in Nuvoton TPM NPCT7xx models used in certain HP PC products, which might allow information disclosure. Nuvoton has released firmware mitigation for the potential vulnerability. HP has identified affected platforms and...
Poly Video - Sensitive Data Might Be Written to Log File
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...
Intel 2024.3 IPU – Chipset Firmware Security Update
Intel has informed HP of potential security vulnerabilities in Intel® Converged Security and Manageability Engine CSME, Intel® Active Management Technology AMT, Intel® Standard Manageability, Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software, which might allow escalation of privilege, deni...
HP One Agent Software – Potential Privilege Escalation
A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. Mitigation is available in HP Application Enabling Software Driver versi...
UC Software – Improper Access Control
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. A flaw in the firmware build process did not properly restrict access to a resource from an unauthorized actor. The recommendation is to update an impacted device to the latest firmware...
HP ThinUpdate - Improper Certificate Validation
A potential security vulnerability has been identified in the HP ThinUpdate utility also known as HP Recovery Image and Software Download Tool which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability. HP ThinUpdate version 2.7.15 has been updated to...
Certain DesignJet and PageWide XL products - Potential information disclosure
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer. HP has provided firmware updates to resolve the issue for the potentially affected products listed in the table below...