Tens of millions of HP OMEN laptop and desktop gaming computers are exposed to attacks by a high severity vulnerability that can let threat actors trigger denial of service states or escalate privileges and disable security solutions.
CVE-2021-3437 is caused by HP’s choice to use vulnerable code partially copied from WinRing0.sys, an open source driver, to build the HpPortIox64.sys driver that the OMEN Gaming Hub software uses to read/write kernel memory, PCI configurations, IO ports, and Model-Specific Registers (MSRs).
The complete list of vulnerable devices is available here and it includes OMEN and HP Pavilion gaming laptops, as well as HP ENVY, HP Pavilion, and OMEN desktop gaming systems.
Tens of millions of devices and users impacted
OMEN Gaming Hub can be used to boost one’s gaming experience through overclocking, optimizing system settings for various gaming profiles, adjusting lighting on gaming devices and accessories, and more.
Considering that the software can also be downloaded from the Microsoft Store and installed on any Windows 10 computer that has peripheral accessories sold under HP’s OMEN brand, thousands and thousands of PCs worldwide are impacted by this flaw.
“An exploitable kernel driver vulnerability can lead an unprivileged user to SYSTEM, since the vulnerable driver is locally available to anyone,” SentinelOne researchers explained in a report published today.
“This high severity flaw, if exploited, could allow any user on the computer, even without privileges, to escalate privileges and run code in kernel mode.”
Once attackers gain SYSTEM privileges on targeted HP OMEN devices, they can easily disable security products, overwrite system components with malicious payloads, corrupt the underlying operating system, or perform any other malicious tasks they choose.
The list of software products impacted by this vulnerability includes:
- HP OMEN Gaming Hub prior to version 22.214.171.124
- HP OMEN Gaming Hub SDK Package prior to 1.0.44
Security patches available since July
SentinelOne also shared their findings in today’s report to warn users to update their software and defend their systems against attackers using CVE-2021-3437 exploits.
“While we haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, using any OMEN-branded PC with the vulnerable driver utilized by OMEN Gaming Hub makes the user potentially vulnerable,” SentinelOne warned.
“Therefore, we urge users of OMEN PC’s to ensure they take appropriate mitigating measures without delay.”
Today’s report follows another one published by SentinelOne last month regarding a 16-year-old security vulnerability found in an HP, Xerox, and Samsung printers driver, which allows attackers to gain admin rights on systems using the vulnerable software.
Earlier this year, SentinelOne researchers also found a 12-year-old privilege escalation bug in Microsoft Defender Antivirus (formerly Windows Defender) that threat actors can exploit to gain admin rights on unpatched Windows systems.