HP fixes bug letting attackers overwrite firmware in over 200 models, BIOS, Firmware, Kernel, Vulnerability

HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which allow code to run with Kernel privileges.

Kernel-level privileges are the highest rights in Windows, allowing threat actors to execute any command at the Kernel level, including manipulating drivers and accessing the BIOS.

The flaws are tracked as CVE-2021-3808 and CVE-2021-3809, and both have a CVSS 3.1 base score of 8.8, giving them a high severity rating. At this time, HP has provided no technical details about these flaws.

“Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities,” reads the short advisory.

The list of affected products includes business notebooks like Zbook Studio, ZHAN Pro, EliteBook, ProBook, and Elite Dragonfly, business desktop PCs like the EliteDesk and ProDesk, retail PoS computers like the Engage, workstations like the Z1 and Z2, and thin client PCs.

For a complete list of all the affected models and the corresponding SoftPaqs to use in each case, check the security advisory page and look for your device. Note that not all of the listed products have received a fixing patch yet.

Researcher discloses more

Nicholas Starke, the researcher who discovered these flaws in November 2021, and reported them to HP, explains the problem in greater detail in a separate blog post.

“This vulnerability could allow an attacker executing with kernel-level privileges (CPL == 0) to escalate privileges to System Management Mode (SMM). Executing in SMM gives an attacker full privileges over the host to further carry out attacks.” explains a report by Starke.

The problem appears to be that an SMI handler can be triggered from the OS environment, for example, through the Windows kernel driver.

HP fixes bug letting attackers overwrite firmware in over 200 models, BIOS, Firmware, Kernel, Vulnerability

The vulnerable SMI handler (StarkeBlog)

An attacker needs to locate the memory address of the “LocateProtocol” function and overwrite it with malicious code. Finally, the attacker can trigger code execution by instructing the SMI handler to execute.

It’s important to underline that to exploit the vulnerability, an attacker would need to have root/SYSTEM level privileges on the target system, and execute code in System Management Mode (SMM).

The ultimate goal of such an attack would be to overwrite the UEFI Implementation (BIOS) of the machine with attacker controlled BIOS images. This means an attacker could plant persistent malware that can’t be removed by antivirus tools, and not even with OS reinstalls.

Finally, it’s also crucial to highlight that some HP computer models have mitigations that the attacker would need to bypass in order for the exploit to work, like the HP Sure Start system for example.

The researcher explains that HP Sure Start can detect tampering of this kind and shut down the host upon the memory corruption act. Then, at first startup, a warning will be displayed to the user along with a prompt to approve the system boot.

HP’s latest fixes come only two months after the computer maker plugged 16 UEFI firmware bugs and three months after addressing a different set of BIOS flaws.

As such, if you haven’t applied the security updates yet, make sure to take a backup of your data on a separate system and do so now.

TECH NEWS RELATED

Groundbreaking set for launchpad-like display of retired space shuttle Endeavour

The California Science Center will display Endeavour poised for launch.

View more: Groundbreaking set for launchpad-like display of retired space shuttle Endeavour

HP OMEN 16 and Victus 15 Gaming Laptops Get Refreshed with Latest Intel and AMD CPUs

As most laptop makers have been doing recently, HP has also refreshed its Omen 16 and Victus 15 gaming laptops with the latest from Intel and AMD and a few more enhancements. The laptops also come with minor design changes, which mainly include a bigger trackpad. Here are the ...

View more: HP OMEN 16 and Victus 15 Gaming Laptops Get Refreshed with Latest Intel and AMD CPUs

HP Neverstop Laser 1202nw review: A great small office choice

HP’s laser answer to refillable inkjet tank printers only comes in mono but does drastically cut costs

View more: HP Neverstop Laser 1202nw review: A great small office choice

“Electric Cars Can be Fun” – Deus’s Adrian-Filip Butuca on the 2,000 HP Vayanne Supercar

With 2,200 horsepower on tap, but promising an “oasis of luxury,” whilst being limited to just 99 units but hoping to send a message that electric cars are fun – the Deus Vayanne seems to be riddled with contradictions.  However, for Deus, and its partners ItalDesign and Williams Advanced Engineering ...

View more: “Electric Cars Can be Fun” – Deus’s Adrian-Filip Butuca on the 2,000 HP Vayanne Supercar

Watch Starliner head to launchpad ahead of major flight test

We’re now just a day away from the highly anticipated test flight of Boeing’s CST-100 Starliner spacecraft to the International Space Station (ISS). The uncrewed Orbital Flight Test-2 (OFT-2) is considered high-stakes as it follows a failed test mission in 2019 when the spacecraft was unable to enter the ...

View more: Watch Starliner head to launchpad ahead of major flight test

Grab a free Big Mac with DoorDash’s DashPass membership

Orders have to be more than $20

View more: Grab a free Big Mac with DoorDash’s DashPass membership

The HP Victus 15 is a $799 gaming laptop with surprisingly good specs

This could be a worthwhile portable gaming rig

View more: The HP Victus 15 is a $799 gaming laptop with surprisingly good specs

Top 10 HP laptops in India to buy in 2022

The laptop market has seen tremendous growth ever since the Covid-19 pandemic outbreak startedaffecting our lives. When we forced to stay indoors, laptops have become our gateway to work, entertainment, studies and more. Growth were registered by every Laptop OEM but one of the biggest benificaery of the lockdown ...

View more: Top 10 HP laptops in India to buy in 2022

This Impressive Midrange HP Laptop is a Steal at $420 ($130 Off)

HP Has Treats for Gamers on a Budget: Omen 16 and Victus 15 Notebooks Are Coming This Summer

HP Envy 34 All-in-One Desktop review: A big-screen AIO for power users and creators

Bugatti Chiron Super Sport produces 1,596 hp on the dyno

Best 15-inch Laptop Deals: Dell, HP and Lenovo from $245

HP Has New Omen and Victus Gaming Laptops for Gamers at Every Budget

HP's New Omen 16 Is All About Airflow

HP unveils Victus 15 gaming laptop that starts at $800

HP's new Omen 16 gaming laptops get up to a 36% boost to CPU performance thanks to an upgraded cooling system

HP Victus 15 adds an all-AMD option with improved battery life

HP Omen 16 (2022) hands-on review: Cool and colorful

HP refreshes its Omen 16 gaming laptop with improved cooling

OTHER TECH NEWS

Top Car News Car News