Download Certificate- Most Promising Partner | ECIO | Most Admired Brand | Most Trusted Company

Firmware bugs in HP computer models were left unfixed for over a year


By MYBRANDBOOK


Firmware bugs in HP computer models were left unfixed for over a year

A set of six high-severity firmware vulnerabilities impacting a broad range of HP devices used in enterprise environments are still waiting to be patched. The flaws discovered recently are all SMM (System Management Module) memory corruption problems leading to arbitrary code execution.

 

A report highlighted that even though it’s been a month since they made some of the flaws public at Black Hat 2022, it hasn’t released security updates for all impacted models, leaving many customers exposed to attacks.

 

The six flaws that HP has left unpatched for months are:

· CVE-2022-23930 – Stack-based buffer overflow leading to arbitrary code execution.

· CVE-2022-31644 – Out-of-bounds write on CommBuffer, allowing partial validation bypassing.

· CVE-2022-31645 – Out-of-bounds write on CommBuffer based on not checking the size of the pointer sent to the SMI handler.

· CVE-2022-31646 – Out-of-bounds write based on direct memory manipulation API functionality, leading to privilege elevation and arbitrary code execution.

· CVE-2022-31640 – Improper input validation giving attackers control of the CommBuffer data and opening the path to unrestricted modifications.

· CVE-2022-31641 – Callout vulnerability in the SMI handler leading to arbitrary code execution.

 

SMM is part of the UEFI firmware that provides system-wide functions like low-level hardware control and power management. HP has released three security advisories acknowledging the mentioned vulnerabilities, along with an equal number of BIOS updates addressing the issues for some of the impacted models.
 BREAKING NEWS  BREAKING NEWS
Cisco announces AI-native secure Wi-Fi 7 for future-ready employe

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

 TECHNO TRENDS  Placeholder image
Nazara and ONDC set to transform in-game monetization with ‘

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
Eloelo teams up with Elvish Yadav for India's biggest digital

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic
Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b
 MOVERS & SHAKERS  Placeholder image
Kamal Nath quits SIFY Technologies

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ
Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this
 OPEN YOUR EYES  Placeholder image

Building of a secure infrastructure is highly essential to stop malicious activity
Opportunities For Technological Disruption In Times Of Crisis
Entire communications is moving towards Webinar :Age of Discovery
India is the fastest growing digital economies, Shaping Towards the New Normal
Manufacturing sector will be the next growth engine for Indian Economics
 INTERVIEWS  Placeholder image
In India, 88% of Indian business leaders are planning to inves

In India, 88% of Indian business leaders are planning to inves

Acer addresses evolving customer needs by consistently pushing

Acer addresses evolving customer needs by consistently pushing

Acer offers a comprehensive range of products under one roof, including des
Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

A good amount of R&D works and global support services are operated out of

 HOT PICK  Placeholder image
BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit
Gigabyte X3D Turbo: A Gaming Revolution

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr
 MAKE IN INDIA BRANDS   Placeholder image
STERLITE TECHNOLOGIES LTD.

STERLITE TECHNOLOGIES LTD.


ADITYA INFOTECH LTD.

ADITYA INFOTECH LTD.


SAMSUNG INDIA ELECTRONICS LTD.

SAMSUNG INDIA ELECTRONICS LTD.


TEJAS NETWORKS INDIA PVT. LTD.

TEJAS NETWORKS INDIA PVT. LTD.


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

AI SYSTEMS ARE ENABLING A SEISMIC SHIFT IN THE WORLD OF CYBERSECURITY

AI’s analytical prowess enables it to analyze an...

HARNESSING THE POWER OF BIG DATA TO GAIN VALUABLE INSIGHTS

A Technology certainly drives innovation and busin...

STRATEGIC FRAMEWORK FOR SUSTAINABLE BUSINESS EXPANSION IS PATHWAY TO PROSPERITY

Accelerate the adoption of AI and machine learning...

 ICONS OF INDIA  Placeholder image

Icons Of India : NIKHIL RATHI

Co-founder & CEO of Web Werks, a global leader in Data Centers and Clo...

Icons Of India : Bhavish Aggarwal

Indian entrepreneur Bhavish Aggarwal is the CEO of Ola, India’s larg...

Icons Of India : NATARAJAN CHANDRASEKARAN

Natarajan Chandrasekaran (Chandra) is the Chairman of Tata Sons, the h...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Ensuring Mutual Success By Aligning Partner's Needs

The IT industry is one of the most dynamic industries. Here, not only does the...

Innovation, alliances, client trust and team: Key Drivers of Success

Digital transformation is indeed a critical area. Intensity Global focuses on ...

Innovation, Technology and Partnerships Continue To Be The Cornerstone Of Growth

IT distribution is undergoing a significant transformation. As technology evol...

 PSU  Placeholder image

UIDAI - Unique Identification Authority of India

UIDAI and the Aadhaar system represent a significant milestone in Indi...

EESL - Energy Efficiency Services Limited  

EESL is uniquely positioned in India’s energy sector to address ener...

C-DAC - Centre for Development of Advanced Computing  

C-DAC is uniquely positioned in the field of advanced computing...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2024 : TECH MAHINDRA

Tech Mahindra positions itself as a company that goes beyond just technology, ...

Most Trusted Brands 2024 : Redington Ltd. 

Redington positions itself as a bridge between global technology brands and re...

Most Trusted Brands 2024 : AMD 

Advanced Micro Devices (AMD) has been a key player in the semiconductor indust...

 Global Indian industry   Value-Added Distribution

Indian Tech Talent Excelling The Tech World - Shantanu Narayen, CEO- Adobe Systems Incorporated

Shantanu Narayen, CEO of Adobe Systems Incorporated, is renowned for h...

Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM

Arvind Krishna, an Indian-American business executive, serves as the C...

Indian Tech Talent Excelling The Tech World - Thomas Kurian, CEO- Google Cloud

Thomas Kurian, the CEO of Google Cloud, has been instrumental in expan...

 STARNITE AWARDS 2024  
 ITFORUM 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 IMAGE GALLERY   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
Brandbook Brandbook
 TECHNOLOGY DISRUPTION Placeholder image

The Indian retail sector is expected to reach ~$2 Tn by 2032

The Indian retail sector is expected to reach ~$2 Tn by 2032

Digital Transformation will continue to be the double edged sword in 2021

Digital Transformation will continue to be the double edged sword in 2021

Google is getting ready to take on ChatGPT

Google is getting ready to take on ChatGPT

IUDX Becomes First Software Platform to Fully Adopt BIS Standards for Unified Data Exchange

IUDX Becomes First Software Platform to Fully Adopt BIS Standards for Unified Data Exchange

 UNICORNS REVOLUTIONISING Placeholder image

ANI Technologies Pvt. Ltd.

ANI Technologies Pvt. Ltd.

EaseMyTrip Limited

EaseMyTrip Limited

MOGLI LABS PRIVATE LIMITED

MOGLI LABS PRIVATE LIMITED

NoBroker Technologies Solutions Pvt Ltd.

NoBroker Technologies Solutions Pvt Ltd.


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW