CyberNews Briefs

High Severity Vulnerabilities Found in HP Enterprise Devices

Security researchers at Binarly have reportedly uncovered six high-severity firmware vulnerabilities. The vulnerabilities were detected over the course of the past year and were first revealed at the Black Hat 2022 conference. The flaws affect HP EliteBook devices and range in severity scores from 7.5 to 8.2. According to the researchers, an attacker could leverage the vulnerabilities to install a malicious implant in the firmware in the form of a modified legitimate module. According to a recently released report, the impact of threat actors targeting firmware is often underestimated. These flaws could allow an attacker to bypass Secure Boot and influence additional boot stages.

In addition, Binarly warned that some of the vulnerabilities disclosed and discussed at Black Hat have not yet been patched, making them more attractive targets for threat actors. The advisory states that although the flaws have been publicly disclosed for over a month, some HP enterprise devices such as laptops and desktops have not received updates that address all of the vulnerabilities.

OODA Analyst
