HPSBHF03699 rev. 2 - Intel® High Definition Audio Driver November 2020 Security Update

Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability identified in some Intel® High Definition Audio drivers which may allow escalation of privilege...

HPSBHF03698 rev. 2 - Intel® Thunderbolt™ DCH Drivers November 2020 Security Updates

Potential Security Impact Escalation of Privilege, Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in some Intel® Thunderbolt™ DCH drivers for Windows which ma...

HPSBHF03701 rev. 2 - Intel® Ethernet 700 Series Controller November 2020 Security Update

Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in the Intel® Ethernet 700 Series Controllers which might allow...

HPSBHF03702 rev. 4 - Intel® Solid State Drive (SSD) November 2020 Security Updates

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in multiple Intel® Solid State Drive SSD products which may allow information...

HPSBHF03700 rev. 1 - Intel® Wireless Bluetooth® November 2020 Security Update

Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in Intel® Wireless Bluetooth® products which might allow escalati...

HPSBHF03695 rev. 1 - Intel® HID Event Filter Driver November 2020 Security Update

Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability identified in the Intel® Human Interface Device HID Event Filter Driver which may allow...

HPSBHF03706 rev. 2 - Intel Unite® Client November 2020 Security Updates

Potential Security Impact Escalation of Privilege, Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in the Intel® Unite® Client and Cloud Service Client softwa...

HPSBHF03696 rev. 1 - Intel® Extreme Tuning Utility (XTU) November 2020 Security Update

Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability identified in the Intel® Extreme Tuning Utility XTU which may allow escalation of privilege...

HPSBPI03693 rev. 1 - Certain HP OfficeJet Printers, Remote Denial of Service (DoS)

Potential Security Impact Denial of Service DOS Source: HP, HP Product Security Response Team PSRT Reported by: MT-SRG and VARAS VULNERABILITY SUMMARY HP has identified a potential security vulnerability with certain HP OfficeJet printers. The vulnerability could be exploited remotely to create a...

HPSBHF03692 rev. 1 - AMD® Radeon™ Graphics Driver D3DKMTCreateAllocation Handler Denial of Service

Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: AMD VULNERABILITY SUMMARY AMD has informed HP of a potential security vulnerability identified in the AMD® Radeon™ Graphics Drivers for Windows which may allow denial of service. For detail...

HPSBPI03691 rev. 1 - HP Linux Imaging and Printing Software - Potential Memory Buffer Overflow

Potential Security Impact Memory Buffer Overflow Source: HP, HP Product Security Response Team PSRT Reported by: Kevin Backhouse of GitHub Security Lab VULNERABILITY SUMMARY The HP Linux Imaging and Printing HPLIP software may potentially be affected by memory buffer overflow. RESOLUTION HP has...

HPSBHF03690 rev. 3 - NVIDIA GPU Display Driver September 2020 Security Updates

Potential Security Impact Escalation of Privilege, Code Execution, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY NVIDIA has informed HP of potential security vulnerabilities in the NVIDIA GPU Display Driver...

HPSBHF03689 rev. 2 - HP Device Manager Weak Cipher Implementation, Remote Method Invocation, and Elevation of Privilege

Potential Security Impact Susceptibility to dictionary attacks, unauthorized remote access to resources, and elevation of privilege. Source: HP, HP Product Security Response Team PSRT Reported By: Nick Bloor VULNERABILITY SUMMARY Potential vulnerabilities have been identified with certain version...

Certain HP Printers and MFP products - Cross-Site Scripting (XSS)

A potential security vulnerability has been identified for certain HP printers and MFPs. In jQuery versions before 3.5.0, passing HTML from untrusted sources may execute untrusted code. Update your printer firmware...

HPSBPI03688 rev. 1 - Certain HP Printer and MFP products - Cross-Site Scripting (XSS)

Potential Security Impact Cross-site Scripting XSS Source: HP, HP Product Security Response Team PSRT Reported by: The jQuery Foundation VULNERABILITY SUMMARY A potential security vulnerability has been identified for certain HP printers and MFPs. In jQuery versions before 3.5.0, passing HTML fro...

HPSBPI03687 rev. 3 - Certain HP LaserJet Printer and MFP Products and JetDirect Print Server Products - Information Disclosure

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported by: Broadcom VULNERABILITY SUMMARY A potential security vulnerability has been identified for certain HP printers and MFPs. A Broadcom wireless vulnerability known as "Kr00k" CVE-2019-1512...

HPSBPI03686 rev. 1 - Certain HP Enterprise MFP products: Elevation of Privilege

Potential Security Impact Elevation of privilege Source: HP, HP Product Security Response Team PSRT Reported by: HP VULNERABILITY SUMMARY A potential security vulnerability has been identified for certain HP multifunction printers MFPs. The vulnerability may lead to elevation of privilege when...

HPSBHF03694 rev. 1 - AMD® Radeon™ Graphics Driver D3DKMTEscape Handler Denial of Service

Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: AMD VULNERABILITY SUMMARY AMD has informed HP of a potential security vulnerability identified in the AMD® Radeon™ Graphics Drivers for Windows which may allow denial of service. For detail...

HPSBHF03684 rev. 2 - Intel® BIOS September 2020 Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel. VULNERABILITY SUMMARY Intel® has informed HP of potential security vulnerabilities identified in BIOS firmware for multiple Intel®...

HPSBHF03685 rev. 2 - Intel® AMT and Intel® ISM September 2020 Security Updates

Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel® has informed HP of potential security vulnerabilities identified in the Intel® Active Management Technology AMT and Intel® Standard Manageability I...

HPSBHF03681 rev. 2 - Intel® Graphics Drivers August 2020 Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities in some Intel® Graphics Drivers which may allow escalation of privilege and/...

HPSBHF03679 rev. 2 - Intel® Wireless Bluetooth August 2020 Security Updates

Potential Security Impact Denial of Service, Information Disclosure, Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities in some Intel® Wireless Bluetooth® software which ma...

HPSBHF03680 rev. 1 - Intel® PROSet/Wireless WiFi Software August 2020 Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability in some Intel® PROSet/Wireless WiFi software which may allow escalation of...

HPSBHF03678 rev. 2 - GRUB2 Bootloader Arbitrary Code Execution

Potential Security Impact Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported By: Eclypsium, Inc. VULNERABILITY SUMMARY HP has been informed of a potential security vulnerability in GRUB2 bootloaders commonly used by Linux. This vulnerability, known as “There’s a...

HPSBHF03677 rev. 1 - ALPS ALPINE Touchpad Driver Security Update

Potential Security Impact Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported By: ALPS ALPINE VULNERABILITY SUMMARY ALPS ALPINE has informed HP of a potential security vulnerability with the ALPS ALPINE Touchpad Driver for Windows, which may allow a local attacker...

HPSBHF03675 rev. 1 - Synaptics® Fingerprint Drivers that use SGX

Potential Security Impact Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported By: Synaptics ® VULNERABILITY SUMMARY Synaptics has notified HP of a potential security vulnerability in certain versions of Synaptics Fingerprint Sensor Drivers using Intel® Software...

HPSBHF03674 rev. 1 - Synaptics® VFS75xx Fingerprint Sensors Equipped with External Flash

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Synaptics® VULNERABILITY SUMMARY Synaptics has notified HP of a potential security vulnerability in certain versions of VFS75xx Fingerprint Sensors equipped with external flash, which...

HPSBHF03673 rev. 4 - AMD® SMM Callout Privilege Escalation

Potential Security Impact Execution of Arbitrary Code Source: AMD Reported By: AMD VULNERABILITY SUMMARY A potential security vulnerability in AMD® software technology has been identified that, in the case of privileged physical or administrative access, an attacker could potentially manipulate...

HPSBHF03672 rev. 2 - NVIDIA GPU Display Driver June 2020 Security Updates

Potential Security Impact Escalation of Privilege, Code Execution, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY NVIDIA has informed HP of potential security vulnerabilities in the NVIDIA GPU Display Driver...

HPSBPI03666 rev. 3 - Certain HP and Samsung-branded Print Products - Network Stack Potential Vulnerabilities

Potential Security Impact Remote Code Execution, Denial of Service, and Multiple other Potential Vulnerabilities VULNERABILITY SUMMARY Multiple potential vulnerabilities may exist in the Treck Inc. networking stack used in certain HP and Samsung-branded printers. These may include, but not be...

HPSBHF03671 rev.1 - HP lt4120 Snapdragon X5 LTE Driver Installer Escalation of Privilege

Potential Security Impact Escalation of Privilege, Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported by: TBD VULNERABILITY SUMMARY A potential security vulnerability has been identified with the installation package for the HP lt4120 Snapdragon X5 LTE Driver pri...

HPSBHF03670 rev. 2 - Intel® Processors Data Leakage Advisory

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability involving cleanup errors in some data cache evictions in some Intel® Processors that may allow a...

HPSBHF03667 rev. 2 - Intel® 2020.1 IPU - CSME, SPS, TXT, AMT and DAL Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified by Intel of potential security vulnerabilities in the Intel® Converged Security and...

HPSBHF03669 rev. 2 - Intel® 2020.1 IPU BIOS Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified by Intel of a potential security vulnerabilities in BIOS firmware for Intel® processors that may allow escalation ...

HPSBHF03668 rev. 4 - Intel® 2020.1 IPU Special Register Buffer Data Sampling and Improper Data Forwarding

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability involving cleanup errors from specific special register read operations and improper data...

HPSBHF03665 rev. 3 - Realtek Audio Driver Security Update

Potential Security Impact Escalation of Privilege, Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT VULNERABILITY SUMMARY HP has been notified of a potential vulnerability with the Realtek High Definition Audio Driver for Windows, which may lead to DLL preloading and...

HPSBHF03664 rev. 3 - Intel® PROSet/Wireless WiFi Software April 2020 Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service. Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities in some Intel PROSet/Wireless WiFi Software products may allow denial of...

HPSBHF03663 rev. 1 - HP Sure Sense Unauthorized Code Execution

Potential Security Impact Unauthorized Code Execution Source: HP, HP Product Security Response Team PSRT Reported By: Flavio Baldassi of Horizon Security VULNERABILITY SUMMARY A potential security vulnerability in the HP Sure Sense driver may allow Unauthorized Code Execution. RESOLUTION note: Th...

HPSBGN03662 rev. 1 - HP Support Assistant Potential Escalation of Privilege and Arbitrary File Deletion

Potential Security Impact Potential escalation of privilege and arbitrary file deletion. VULNERABILITY SUMMARY Potential escalation of privilege and arbitrary file deletion vulnerabilities have been identified with certain versions of HP Support Assistant. RESOLUTION A patch was released on April...

HPSBHF03661 rev. 1 - HP Connection Optimizer Escalation of Privilege

Potential Security Impact Escalation of Privilege VULNERABILITY SUMMARY A potential security vulnerability in the HP Connection Optimizer driver may allow escalation of privilege. RESOLUTION HP has identified the affected platforms and target versions for SoftPaqs. See the affected platforms list...

HPSBPI03660 rev. 1 - HP Inkjet Printers Account Lockout Issue

Potential Security Impact Account lockout bypass Source: HP, HP Product Security Response Team PSRT Reported by: Alexander Drabek, Logically Secure Limited VULNERABILITY SUMMARY A potential security vulnerability has been identified for certain HP Printers and All-in-Ones that would allow bypassi...

HPSBHF03659 rev. 4 - Intel® Smart Sound Technology March 2020 Security Update

Potential Security Impact Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a security vulnerability in the Intel® Smart Sound Technology which may allow an authenticated user to potentially enable escalati...

HPSBHF03658 rev. 3 - Intel® Graphics Drivers March 2020 Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has reported potential security vulnerabilities in Intel® Graphics Drivers for Windows which may allow...

HPSBPI03653 rev. 1 - HP LaserJet Software Solution Elevation of Privilege for Certain HP LaserJet Printers

Potential Security Impact Elevation of privilege Source: HP, HP Product Security Response Team PSRT VULNERABILITY SUMMARY A potential security vulnerability has been identified for HP LaserJet Solution Software for certain HP LaserJet Printers which may lead to unauthorized elevation of privilege...

HPSBHF03657 rev. 3 - NVIDIA GPU Display Driver February 2020 Security Updates

Potential Security Impact Denial of Service, Escalation of Privileges, Code Execution, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY NVIDIA has informed HP of potential security vulnerabilities in the NVIDIA GPU Display Driver...

HPSBHF03656 rev. 4 - Intel® Chipset Device Software INF Utility Security Update

Potential Security Impact Denial of Service. Source: HP, HP Product Security Response Team PSRT Reported by: Intel® VULNERABILITY SUMMARY HP has been notified of a potential security vulnerability in Intel® Chipset Device Software INF Utility that may allow denial of service via local access. Int...

HPSBHF03654 rev. 2 - HP Wide Vision FHD Camera Firmware Security Update

Potential Security Impact Arbitrary Code Execution, Denial of Service Source: HP, HP Product Security Response Team PSRT Reported by: Rick Altherr of Eclypsium VULNERABILITY SUMMARY Potential security vulnerabilities in the HP Wide Vision FHD Camera firmware may allow the ability to update the...

HPSBHF03652 rev.3 - Intel® Processor Graphics January 2020 Security Update

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified of a potential security vulnerability with Intel® Processor Graphics that may allow an unauthenticated user to potentially enable...

HPSBHF03651 rev. 4 - Intel® CSME February 2020 Security Update

Potential Security Impact Escalation of Privilege, Denial of Service, and Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported by: Intel® VULNERABILITY SUMMARY HP has been notified of potential security vulnerabilities involving improper authentication with the Inte...

HPSBHF03650 rev. 2 - HP System Event Utility Execution of Arbitrary Code

Potential Security Impact Execution of Arbitrary Code Source: HP, HP Product Security Response Team PSRT Reported By: John Page aka Hyp3rlinx of ApparitionSec VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to...