HP OMEN device bug allowed privilege escalation

Bug in HP OMEN
Written by Emma Davis

Millions of HP OMEN computers were vulnerable to a bug that allowed attackers to provoke denial of service, escalate privileges, and disable security products.

The issue affected HP OMEN Gaming Hub prior to version 11.6.3.0 and HP OMEN Gaming Hub SDK prior to version 1.0.44.

The HP OMEN Gaming Hub, formerly known as the HP OMEN Command Center, is a software product preinstalled on HP OMEN desktops and notebooks. It can be used to control and optimize settings such as the device’s GPU, fan speed, CPU overclocking, memory, and more. This same software is used to set and customize lighting and other controls on gaming devices and accessories such as a mouse and keyboard.

Vulnerability CVE-2021-3437 (CVSS 7.8) was found in a driver that uses the OMEN Gaming Hub software preinstalled on all HP OMEN computers and laptops. The issue is that HP is using vulnerable code, partially copied from the open source WinRing0.sys driver, for the HpPortIox64.sys driver, which the OMEN Gaming Hub uses to read / write kernel memory, PCI configurations, IO ports, and MSR (Model-Specific Registers).

A complete list of affected devices can be seen here.

It includes OMEN and HP Pavilion Gaming Laptops, as well as HP ENVY, HP Pavilion and OMEN Desktop Systems. Worse, the OMEN Gaming Hub can be downloaded from the Microsoft Store and installed on any computer with HP OMEN peripherals, dramatically increasing the number of potentially vulnerable systems.

The problem was discovered by the specialists of the SentinelOne company, and they write that the vulnerability of the kernel driver allows any unprivileged user to gain SYSTEM rights, since the vulnerable driver is locally available to everyone.

By gaining system privileges, attackers can easily disable security products, replace system components with malware, damage the underlying OS, and perform any malicious task of their choice.Researchers warn.

Back in July, HP released a fix for this vulnerability through the Microsoft Store and has now published a security bulletin.

All OMEN Gaming Hub users are encouraged to install the updates as soon as possible, if they have not done so before.

Let me remind you that we also talked about the fact that Thunderbolt PCs Can Be Hacked In Less Than 5 Minutes.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.