Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers - Potential Buffer Overflow, Potential Remote Code Execution

Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file. Update your printer firmware...

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Information Disclosure

Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's certificate store...

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow

Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to buffer overflow when using libwebp in Google Chrome or other web browsers. This issue occurs in all versions of libwebp prior to 1.3.2. Update your printer firmware...

HP Workstation BIOS Arbitrary Write Security Update

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability. HP has released updates to mitigate the...

Intel Unite Software February 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Unite® software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerabilities. HP has...

Intel Thunderbolt Controller February 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt™ Controllers, which might allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

Intel® PROSet/Wireless and Killer™ Wi-Fi Software February 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software, which might allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities...

Intel Extreme Tuning Utility (XTU) February 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Extreme Tuning Utility XTU software, which might allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...

Physical bypass of certain HP TamperLock features

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. Desktop Workstation mitigation f...

Intel Thunderbolt DCH Drivers for Windows February 2024 Security Updates

Intel has informed HP of potential security vulnerabilities in some Intel® Thunderbolt™ Declarative Componentized Hardware DCH drivers for Windows, which might allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing software updates to mitigate these...

Intel Virtual RAID on CPU (VROC) February 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Virtual RAID on CPU VROC software, which might allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...

AMI UEFI Firmware January 2024 EDK II Reference Vulnerabilities

Potential EDK II reference code vulnerabilities have been identified in certain HP PC products using AMI UEFI Firmware system BIOS, which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerabilities. AMI has released updates to mitigate the potential...

HP ThinPro 8.0 SP 7 Security Updates

Previous versions of HP ThinPro prior to HP ThinPro 8.0 SP7 could potentially contain security vulnerabilities. HP has released HP ThinPro SP7, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as part of Thin...

HP Device Manager Vulnerability Update (5.0.12)

Potential vulnerabilities have been identified in the HP Device Manager versions prior to HPDM 5.0.12. HP is releasing mitigation for the potential vulnerabilities as part of 5.0.12 release. All of the identified vulnerabilities listed above were addressed and fixed as part of HP Device Manager...

Qualcomm WLAN October 2023 Security Update

Potential vulnerabilities were identified in the Qualcomm WLAN Driver for certain HP PC products, which might allow arbitrary code execution or information disclosure. Qualcomm has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding...

NVIDIA® GPU Display Driver October 2023 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows which may allow escalation of privilege, code execution, denial of service, or information disclosure. NVIDIA has released updates to mitigate these vulnerabilities. NVIDIA has...

UC Software - Improper Input Validation

A potential vulnerability was discovered in certain Poly devices. A malformed packet sent to the device can result in a Denial-of-Service attack. HP has identified affected products and corresponding firmware minimum versions that mitigate the potential vulnerabilities. See the affected products...

UC Software - Hidden Functionality

A potential vulnerability was discovered in certain Trio devices. An attacker can enable a hidden configuration with knowledge of the administrator password, physical access to the device, and the ability to bypass the authentication process of the hidden configuration to gain a shell with elevat...

UC Software - Missing Authorization

A potential vulnerability was discovered in certain Trio devices. An attacker with physical access to a device without administrator privileges can gain administrative access through the Poly Lens interface due to a potential authorization vulnerability. This is only possible for devices that are...

UC Software – Unverified Password Change

A potential vulnerability was discovered in certain Poly devices. An attacker who can take over a web server session can also change the administrator password without knowledge of the current password due to an improper authentication check. HP recommends that customers disable the web server an...

UC Software - Improper Neutralization of Special Elements Used in an OS Command

A potential vulnerability was discovered in certain Poly voice products. A flaw in the neutralization of data passed in the input fields within the web UI could result in an authenticated command injection. HP has identified affected products and corresponding firmware minimum versions that...

UC Software - Use of Insufficiently Random Values

A potential vulnerability was discovered in certain Poly devices. A potential flaw allows an attacker to predict a session and piggyback onto an active administrator session of the web server. The potential vulnerability is dependent on the administrator maintaining an active session. HP has...

AMD Client UEFI Firmware November 2023 Security Update

AMD has informed HP of potential vulnerabilities identified in some AMD client platform firmware components, which might allow escalation of privilege, arbitrary code execution, denial of service, and/or information disclosure. AMD is releasing firmware updates to mitigate these vulnerabilities...

Plantronics Hub – Local Privilege Escalation

A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below. Upgrade to the latest version of Plantronics Hub 3.25.2...

Certain HP OfficeJet Pro Printers – Potential Denial of Service

Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header. Update your printer firmware...

Intel 2023.4 IPU Out-of-Band (OOB) Processor Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Processors, which might allow escalation of privilege and/or information disclosure and/or denial of service via local access. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has release...

Intel 2023.4 IPU – BIOS November 2023 Security Update

Intel has informed HP of potential security vulnerabilities in the BIOS firmware for some Intel® Processors, which might allow escalation of privilege or denial of service. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the...

AMD Client UEFI Firmware Return Address Security Update

AMD has informed HP of a potential security vulnerability identified in some AMD processors, which might allow information disclosure. AMD is releasing firmware updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has identified affected...

AMD SMM Supervisor November 2023 Security Update

AMD has informed HP of a potential security vulnerability identified in some AMD processors which might allow arbitrary code execution. AMD is releasing firmware updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has identified affected...

AMD Graphics Driver November 2023 Security Update

AMD has informed HP of potential vulnerabilities identified in some AMD Graphics Drivers for Windows, which might allow arbitrary code execution or denial of service. AMD has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaq...

Intel Connectivity Performance Suite November 2023 Security Update

Intel has informed HP of a potential security vulnerability in the Intel® Connectivity Performance Suite software for some Intel® Wireless Products, which might allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates t...

Intel Optane™ SSD Firmware November 2023 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Optane™ SSD and some Intel® Optane™ SSD DC products, which might allow escalation of privilege, information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities...

Intel Chipset Device Software November 2023 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Chipset Device Software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

Intel Graphics Drivers November 2023 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Graphics drivers, which might allow escalation of privilege, denial of service and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to...

Intel® Virtual RAID on CPU (VROC) August 2023 Security Updates

Intel has informed HP of a potential security vulnerability identified in the Intel® Virtual RAID on CPU VROC software, which might allow escalation of privilege. Intel is releasing software updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential...

Intel Extreme Tuning Utility (XTU) November 2023 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Extreme Tuning Utility XTU software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential...

AMD Ryzen Master™ SDK August 2023 Security Update

AMD has informed HP of potential security vulnerabilities identified in the AMD® Ryzen Master™ SDK, which might allow arbitrary code execution, denial of service, or information disclosure. AMD has released software updates to mitigate the potential vulnerabilities. AMD has released updates to...

Intel Rapid Storage Technology Software November 2023 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Rapid Storage Technology software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability...

Intel Dynamic Tuning Technology Software August 2023 Security Update

Intel has informed HP of a potential security vulnerability in the Intel® Dynamic Tuning Technology DTT software which may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerabilit...

HP Print and Scan Doctor for Windows - Potential Escalation of Privilege

HP Print and Scan Doctor for Windows may potentially be vulnerable to escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability. The fix applies to HP Print and Scan Doctor for Windows application, which will be launched via the HP Support Assistant...

HP Device Manager Security Updates

Previous versions of HP Device Manager prior to HPDM 5.0.11 could potentially contain security vulnerabilities. HP has released HP Device Manager 5.0.11, which includes updates to mitigate potential vulnerabilities. All of the identified vulnerabilities listed above were addressed and fixed as pa...

Certain HP PC products - BIOS Password Unlock

A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum...

HP t430 and t638 Thin Clients - Firmware Tampering Vulnerability

HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers t...

HP ThinUpdate - Improper Certificate Validation

A potential security vulnerability has been identified in the HP ThinUpdate utility also known as HP Recovery Image and Software Download Tool which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability. HP ThinUpdate version 2.7.15 has been updated to...

Certain HP Displays - Theft Deterrence

A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated. HP has identified affected monitors and corresponding SoftPaqs with minimum versions that mitigate the potential...

HP LIFE Android Mobile – Potential Escalation of Privilege, Information Disclosure

HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure. Update your application...

Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. Update your printer firmware...

AMD Client UEFI DXE Driver Memory Leaks September 2023 Security Update

AMD has informed HP of potential vulnerabilities identified in some AMD client platform firmware components, which might allow denial of service or information disclosure. AMD is releasing firmware updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential...

NVIDIA GPU Display Driver June 2023 Security Updates

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows which might allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure. NVIDIA has released updates to mitigate these vulnerabilities...

HP PC BIOS September 2023 Security Updates for OpenSSL

Potential vulnerabilities have been identified in the system BIOS of HP PCs using OpenSSL 1.1.1, which might allow denial of service. HP is releasing BIOS updates to OpenSSL 1.1.1s to mitigate these potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs with...