Page 4 of 21 results (0.011 seconds)

CVSS: 8.4EPSS: 0%CPEs: 150EXPL: 0

A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability. Se ha identificado una vulnerabilidad potencial en el BIOS del sistema para ciertos productos de PC HP que puede permitir la escalada de privilegios y la ejecución de código. HP está lanzando actualizaciones de firmware para mitigar la vulnerabilidad potencial. • https://support.hp.com/us-en/document/ish_7191946-7191970-16/hpsbhf03820 •

CVSS: 7.8EPSS: 0%CPEs: 481EXPL: 0

A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software. Se ha identificado una posible vulnerabilidad de seguridad en el software HP Jumpstart, que podría permitir una escalada de privilegios. HP recomienda que los clientes desinstalen HP Jumpstart y utilicen el software myHP. • https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791 •

CVSS: 9.0EPSS: 0%CPEs: 206EXPL: 0

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250. Ha sido identificada una potencial vulnerabilidad de seguridad en múltiples productos y versiones de HP que implica la posible ejecución de código arbitrario durante los servicios de arranque que puede resultar en una elevación de privilegios. La estructura de EFI_BOOT_SERVICES podría ser sobrescrita por parte de un atacante para ejecutar código SMM (System Management Mode) arbitrario. • https://support.hp.com/rs-en/document/c06456250 •

CVSS: 5.5EPSS: 0%CPEs: 29EXPL: 2

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process. La tarea mictray64 de Conexant Systems, tal como es usada en los sistemas HP Elite, EliteBook, ProBook y ZBook, filtra datos confidenciales (keystrokes) a cualquier proceso. En mictray64.exe (mic tray icon) versión 1.0.0.46, un hook de Windows en LowLevelKeyboardProc es usado para capturar las pulsaciones de teclas (keystrokes). • http://www.securitytracker.com/id/1038527 https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 4%CPEs: 39EXPL: 0

The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary code, via unspecified vectors. Vulnerabilidad en el módulo HP lt4112 LTE/HSPA+ Gobi 4G con firmware anterior a 12.500.00.15.1803 en dispositivos Thin Client EliteBook, ElitePad, Elite, ProBook, Spectre, Zbook y mt41, permite a atacantes remotos modificar los datos, provocar una denegación de servicio o ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/76176 http://www.securitytracker.com/id/1033414 http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-446601.htm https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •