Download Certificate- Most Promising Partner | ECIO | Most Admired Brand | Most Trusted Company

Firmware bugs in HP computer models were left unfixed for over a year


By MYBRANDBOOK


Firmware bugs in HP computer models were left unfixed for over a year

A set of six high-severity firmware vulnerabilities impacting a broad range of HP devices used in enterprise environments are still waiting to be patched. The flaws discovered recently are all SMM (System Management Module) memory corruption problems leading to arbitrary code execution.

 

A report highlighted that even though it’s been a month since they made some of the flaws public at Black Hat 2022, it hasn’t released security updates for all impacted models, leaving many customers exposed to attacks.

 

The six flaws that HP has left unpatched for months are:

· CVE-2022-23930 – Stack-based buffer overflow leading to arbitrary code execution.

· CVE-2022-31644 – Out-of-bounds write on CommBuffer, allowing partial validation bypassing.

· CVE-2022-31645 – Out-of-bounds write on CommBuffer based on not checking the size of the pointer sent to the SMI handler.

· CVE-2022-31646 – Out-of-bounds write based on direct memory manipulation API functionality, leading to privilege elevation and arbitrary code execution.

· CVE-2022-31640 – Improper input validation giving attackers control of the CommBuffer data and opening the path to unrestricted modifications.

· CVE-2022-31641 – Callout vulnerability in the SMI handler leading to arbitrary code execution.

 

SMM is part of the UEFI firmware that provides system-wide functions like low-level hardware control and power management. HP has released three security advisories acknowledging the mentioned vulnerabilities, along with an equal number of BIOS updates addressing the issues for some of the impacted models.
 BREAKING NEWS  BREAKING NEWS
Elon Musk Merges X with xAI in $33 Billion Stock Deal

Elon Musk Merges X with xAI in $33 Billion Stock Deal...

Elon Musk has made waves once again by merging X (formerly Twitter) with...

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu...

The scheme aims to attract an investment of INR 59,350 Cr, resulting in pro...

Govt Drops Import Duty making EV Batteries cheaper

Govt Drops Import Duty making EV Batteries cheaper...

The Centre is taking measures to counter the impact of US President Donald ...

CERT-In’s New Advisory Unveils Hidden Cyber Threats

CERT-In’s New Advisory Unveils Hidden Cyber Threats...

The advisory highlights critical vulnerabilities in AI models, outlines mul...

 TECHNO TRENDS  Placeholder image
Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

The outcome of the legal dispute between X Corp and the Indian government c...

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

The agreement, executed through Wipro and its 100% subsidiary,...

Centre announces that DPDP Rules nearing Finalisation by April

Centre announces that DPDP Rules nearing Finalisation by April

The government seeks to refine the rules for robust data protection, ensuri...

Home Ministry cracks down on PoS agents in digital arrest scam

Home Ministry cracks down on PoS agents in digital arrest scam

Digital arrest scams are a growing cybercrime where victims are coerced or ...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

Hrithik Roshan to endorse RuPay as Brand Ambassador

Hrithik Roshan to endorse RuPay as Brand Ambassador

RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha
India Today Group launches – AI Pop Stars

India Today Group launches – AI Pop Stars

Staying true to our industry leadership position in using cutting-edge tech
 MOVERS & SHAKERS  Placeholder image
Cloudflare Promotes Goran Risticevic as VP & MD for APAC

Cloudflare Promotes Goran Risticevic as VP & MD for APAC

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE
Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s
 OPEN YOUR EYES  Placeholder image

Growing cyberattacks is a raising concern ,it’s time to evaluate cloud-first strategy
How to secure confidential data while working remotely
Automation & AI are becoming the main drivers for many business
Modernize the IT Strategy To Navigate COVID-19 and Beyond
India is the fastest growing digital economies, Shaping Towards the New Normal
 INTERVIEWS  Placeholder image
In India, 88% of Indian business leaders are planning to inves

In India, 88% of Indian business leaders are planning to inves

Delivering Critical Business Communication Solutions to Enterp

Delivering Critical Business Communication Solutions to Enterp

Arya Omnitalk and Syntel’s comprehensive suite of solutions and more than
AMD Pensando driving innovation in the DPU architecture space

AMD Pensando driving innovation in the DPU architecture space

AMD Pensando stands out in the DPU (Data Processing Unit) market with its u
 HOT PICK  Placeholder image
ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

MSI Announces the availability of RTX 50 series of laptops in

MSI Announces the availability of RTX 50 series of laptops in

MSI, the innovative computing manufacturer in gaming, creator
Nothing Phone (3a) goes on sale today, starting at Rs 19,999

Nothing Phone (3a) goes on sale today, starting at Rs 19,999

The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t
 MAKE IN INDIA BRANDS   Placeholder image
ACER INDIA PVT. LTD.

ACER INDIA PVT. LTD.


VERSA NETWORKS INDIA PVT. LTD.

VERSA NETWORKS INDIA PVT. LTD.


DATA SAFEGUARD INDIA PRIVATE LIMITED

DATA SAFEGUARD INDIA PRIVATE LIMITED


BEETEL TELETECH LTD.

BEETEL TELETECH LTD.


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

HARNESSING THE POWER OF BIG DATA TO GAIN VALUABLE INSIGHTS

A Technology certainly drives innovation and busin...

SUSTAINING SUCCESS BY DELIVERING VALUE TO CUSTOMERS

This includes conducting regular audits, risk asse...

AI SYSTEMS ARE ENABLING A SEISMIC SHIFT IN THE WORLD OF CYBERSECURITY

AI’s analytical prowess enables it to analyze an...

 ICONS OF INDIA  Placeholder image

ICONS OF INDIA : ROSHNI NADAR MALHOTRA

Roshni Nadar Malhotra is the Chairperson of HCLTech, a leading global ...

Icons Of India : NATARAJAN CHANDRASEKARAN

Natarajan Chandrasekaran (Chandra) is the Chairman of Tata Sons, the h...

Icons Of India : NANDAN NILEKANI

Nandan Nilekani is the Co-Founder and Chairman of Infosys Technologies...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Unwavering Commitment & Communication helping to thrive in the evolving digital landscape

We leverage a comprehensive market intelligence framework and an advanced CRM ...

A Trusted IT Partner Renowned For Reliability, Expertise, and Customer-Centricity

Fast paced changes in digital technology and constant innovations are impactin...

A "Make in India" brand dedicated to offer high quality communication products

For any brand to be successful, it is crucial that it understands the market d...

 PSU  Placeholder image

DRDO - Defence Research and Development Organisation 

DRDO responsible for the development of technology for use by the mili...

HPCL - Hindustan Petroleum Corporation Ltd.  

HPCL is an integrated oil and gas company involved in refining, market...

CSC - Common Service Centres 

CSC initiative in India is a strategic cornerstone of the Digital Indi...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2024: TATA CONSULTANCY SERVICES LTD. (TCS)

TCS, a global leader in IT services, consulting, and business solutions, has b...

Most Trusted Brands 2024 : Oracle Corporation 

Oracle focuses on secure enterprise software, and cloud solutions to build str...

HEWLETT PACKARD ENTERPRISE COMPANY (HPE)

HPE is an edge-to-cloud company with offerings spanning Cloud Services, Comput...

 Global Indian industry   Value-Added Distribution

Indian Tech Talent Excelling The Tech World - NIKESH ARORA, Chairman CEO - Palo Alto Networks

Nikesh Arora, the Chairman and CEO of Palo Alto Networks, is steering ...

Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design

Anirudh Devgan, the Global President and CEO of Cadence Design Systems...

Indian Tech Talent Excelling The Tech World - PADMASREE WARRIOR, Founder, President & CEO - Fable

Padmasree Warrior, the Founder, President, and CEO of Fable, is revolu...

 ITFORUM 2025  
 STARNITE AWARDS 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 IMAGE GALLERY   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
Brandbook Brandbook
 TECHNOLOGY DISRUPTION Placeholder image

BEL & IAI sign MoU to address requirements in Short Range Air Defence Systems’ domain

BEL & IAI sign MoU to address requirements in Short Range Air Defence Systems’ domain

Analog Devices Announces Long-Reach Industrial Ethernet Offerings

Analog Devices Announces Long-Reach Industrial Ethernet Offerings

Worldwide Smartphone Sales to Grow 11% in 2021 says Gartner

Worldwide Smartphone Sales to Grow 11% in 2021 says Gartner

NetApp renews its partnership with Microsoft

NetApp renews its partnership with Microsoft

 UNICORNS REVOLUTIONISING Placeholder image

CredAvenue Private Limited

CredAvenue Private Limited

Dream Sports Group

Dream Sports Group

BLACKBUCK

BLACKBUCK

BrowserStack

BrowserStack


Copyright www.mybrandbook.co.in @1999-2025 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
of images belongs to the respective copyright holders
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

EXPLORE THE NEW BRAND BOOK
CONTACT US

SUBSCRIBE NOW