A report by cybersecurity firm Binarly points to the detection of 16 critical vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI), present in multiple HP enterprise devices. According to the researchers, threat actors can exploit these flaws to implant firmware capable of evading UEFI Secure Boot, Intel Boot Guard, and virtualization-based security measures.

Affected devices include HP enterprise deployments such as laptops, desktops, point-of-sale systems, and edge computing nodes: “Exploiting detected flaws would allow threat actors to execute privileged code on firmware and even deliver persistent malicious code that survives operating system reinstallations,”  Binarly reports.

This is the list of vulnerabilities described in the report:

  • CVE-2021-39297: DXE stack buffer overflow that would allow arbitrary code execution
  • CVE-2021-39298: SMM call that would trigger privilege escalation
  • CVE-2021-39299: DXE stack buffer overflow for arbitrary code execution
  • CVE-2021-39300: DXE stack overflow that would allow arbitrary code execution
  • CVE-2021-39301: DXE stack overflow for arbitrary code execution
  • CVE-2022-23924: SMM heap buffer overflow for arbitrary code execution
  • CVE-2022-23925: SMM memory corruption that would allow arbitrary code execution
  • CVE-2022-23926: SMM memory corruption that would allow arbitrary code execution
  • CVE-2022-23927: SMM memory corruption that would allow arbitrary code execution
  • CVE-2022-23928: SMM memory corruption that would allow arbitrary code execution
  • CVE-2022-23929: SMM memory corruption that would allow arbitrary code execution
  • CVE-2022-23930: SMM memory corruption that would allow arbitrary code execution
  • CVE-2022-23931: SMM memory corruption that would allow arbitrary code execution
  • CVE-2022-23932: SMM call that would allow privilege escalation
  • CVE-2022-23933: SMM call that would allow privilege escalation
  • CVE-2022-23934: SMM memory corruption that would allow arbitrary code execution

The most dangerous vulnerabilities in this report are memory corruption errors in the System Management Mode firmware feature. Threat actors could exploit these flaws to execute arbitrary code with high privileges on affected systems.

The company recommends installing HP UEFI firmware security updates, issued in February, to address the reported vulnerabilities.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Millions of HP laptops, points of sale machines and servers affected by 16 critical vulnerabilities appeared first on Information Security Newspaper | Hacking News.

source

You May Also Like

Input validation, access control bypass and XSS vulnerabilities in the pfSense firewall: Update immediately

Cybersecurity specialists report the detection of multiple vulnerabilities in pfSense, an open…

AWS patches to fix Log4j vulnerabilities could be exploited for privilege escalation or container escape attacks

Cybersecurity specialists from Palo Alto Networks mention that patches released by Amazon…

Vulnerability allows authenticating Windows servers remotely and taking over the Windows domains

French cybersecurity specialist Gilles Lionel reported the discovery of a serious vulnerability…