Download Certificate- CMOs | ECIO | Most Admired Brand | Most Trusted Company

Firmware bugs in HP computer models were left unfixed for over a year


By MYBRANDBOOK


Firmware bugs in HP computer models were left unfixed for over a year

A set of six high-severity firmware vulnerabilities impacting a broad range of HP devices used in enterprise environments are still waiting to be patched. The flaws discovered recently are all SMM (System Management Module) memory corruption problems leading to arbitrary code execution.

 

A report highlighted that even though it’s been a month since they made some of the flaws public at Black Hat 2022, it hasn’t released security updates for all impacted models, leaving many customers exposed to attacks.

 

The six flaws that HP has left unpatched for months are:

· CVE-2022-23930 – Stack-based buffer overflow leading to arbitrary code execution.

· CVE-2022-31644 – Out-of-bounds write on CommBuffer, allowing partial validation bypassing.

· CVE-2022-31645 – Out-of-bounds write on CommBuffer based on not checking the size of the pointer sent to the SMI handler.

· CVE-2022-31646 – Out-of-bounds write based on direct memory manipulation API functionality, leading to privilege elevation and arbitrary code execution.

· CVE-2022-31640 – Improper input validation giving attackers control of the CommBuffer data and opening the path to unrestricted modifications.

· CVE-2022-31641 – Callout vulnerability in the SMI handler leading to arbitrary code execution.

 

SMM is part of the UEFI firmware that provides system-wide functions like low-level hardware control and power management. HP has released three security advisories acknowledging the mentioned vulnerabilities, along with an equal number of BIOS updates addressing the issues for some of the impacted models.
 BREAKING NEWS  BREAKING NEWS
With eyes on IPO, Flipkart plans to move domicile from Singapore

With eyes on IPO, Flipkart plans to move domicile from Singapore ...

Walmart-owned Flipkart is reportedly planning to move its domicile back f...

Sony names two executives as CEO of its Playstation unit

Sony names two executives as CEO of its Playstation unit...

Sony has announced that two veteran executives will take over as CEOs of i...

Permanent deletion of transactions can make e-rupee anonymous, RB

Permanent deletion of transactions can make e-rupee anonymous, RB...

The Governor of Reserve Bank of India (RBI) stated that the permanent del...

Zscaler unveils Digital Experience Monitoring Copilot

Zscaler unveils Digital Experience Monitoring Copilot...

Zscaler has announced groundbreaking innovations - ZDX Copilot, Hosted Mon...

 TECHNO TRENDS  Placeholder image
The government of India intends to construct a single portal f

The government of India intends to construct a single portal f

A single portal will be launched by the Indian government to list all of it...

OpenAI offers GPT-4o, a faster model available to all users at

OpenAI offers GPT-4o, a faster model available to all users at

GPT-4o, a faster and more sophisticated AI model, is made available to all...

Paytm brings UPI Lite Wallet for low-value transactions

Paytm brings UPI Lite Wallet for low-value transactions

Paytm’s parent company One97 Communications (OCL) is emphasizing upon UP...

BHIM to join e-commerce, competing with PhonePe and Google Pay

BHIM to join e-commerce, competing with PhonePe and Google Pay

The government-supported payment software BHIM is getting ready to join t...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
S.S. Rajamouli and Disney+ Hotstar brings the untold story of

S.S. Rajamouli and Disney+ Hotstar brings the untold story of

Airtel Xstream Play strengthens regional content library, part

Airtel Xstream Play strengthens regional content library, part

Bharti Airtel (“Airtel”), one of India’s leading telecommunications

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

The Enforcement Directorate (ED) has seized businessman Raj Kundra's pro
 MOVERS & SHAKERS  Placeholder image
New Relic names Katrina Wong as CMO

New Relic names Katrina Wong as CMO

Clover Infotech appointed Subham Banerjee as CDO

Clover Infotech appointed Subham Banerjee as CDO

Clover Infotech has announced the appointment of Subham Banerjee as its Ch
Saviynt ropes in Sanjeevi Kumar as new Sales Director in India

Saviynt ropes in Sanjeevi Kumar as new Sales Director in India

The cloud-native identity and governance platform solutions provider Saviy
 OPEN YOUR EYES  Placeholder image

Payment industry is eyeing Asia as attractive for V.C. investors amid COVID-19
Digitalization and cyberattacks go hand in hand
India is the fastest growing digital economies, Shaping Towards the New Normal
Growing cyberattacks is a raising concern ,it’s time to evaluate cloud-first strategy
India to be the top destination for companies moving out of China
 INTERVIEWS  Placeholder image
InstaSafe’s growth has always been determined by its custome

InstaSafe’s growth has always been determined by its custome

Acer continues to solidify itself as a leading player in the I

Acer continues to solidify itself as a leading player in the I

Acer, as a key player in the constantly evolving and vibrant ICT industry,

ETEK building a cybersecurity aware community

ETEK building a cybersecurity aware community

ETEK is a Global Managed Security Services expert with 30 years of experien
 HOT PICK  Placeholder image
Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

COLORFUL rolls out an array of gaming laptops

COLORFUL rolls out an array of gaming laptops

COLORFUL launched its incredible series of COLORFUL EVOL P15 gaming laptop
Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies has launched the broadest portfolio of commercial AI lap
 MAKE IN INDIA BRANDS   Placeholder image
TP-LINK INDIA PVT LTD.

TP-LINK INDIA PVT LTD.


TEJAS NETWORKS INDIA PVT. LTD.  

TEJAS NETWORKS INDIA PVT. LTD.  


LUMINOUS POWER TECHNOLOGIES PVT. LTD.

LUMINOUS POWER TECHNOLOGIES PVT. LTD.


SECLORE TECHNOLOGY PVT. LTD. 

SECLORE TECHNOLOGY PVT. LTD. 


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

Automation-based technological advancements has made the difference in the industry

Jyothy Labs is a FMCG company and has been synonym...

Fostering innovative technologies to improve the basic issues of the connected Healthcare Platform organization

We also plan to implement a zero-trust model assum...

Technological development unlocking the potentials of both employees & organization for better growth

Our approach to managing technical projects, deplo...

 ICONS OF INDIA  Placeholder image

Technology Icons Of India 2023: Madhabi Puri Buch

Madhabi Puri Buch is the chairperson of the securities regulatory body...

Technology Icons Of India 2023: Nandan Nilekani

Nandan Nilekani is the Co-Founder and Chairman of the Board, Infosys T...

Technology Icons Of India 2023: Hari Om Rai

Hari Om Rai is the Co-founder, Chairman & Managing Director of Lava In...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

BM Infotrade prioritising digital transformation and CX, while fostering innovation and agility

Undoubtedly people tend to resist the change and find it difficult to adapt to...

Symmetrix Empowering Collaboration between OEMs, Customers, and SMEs for Seamless Project Execution and Growth

A robust support system exists that fosters seamless communication and collabo...

Technological innovations impacting today will redefine the future

Securenet stands apart due to its commitment to 15 essential criteria covering...

 PSU  Placeholder image

Aadhaar: Architecting the World's Largest Biometric Identity System 

The Unique Identification Authority of India (UIDAI) is a statutory au...

STPI encouraging software exports from India  

Software Technology Parks of India (STPI) is an S&T organization under...

New defence PSUs will help India become self-reliant 

MIL, India’s biggest manufacturer and market leader is engaged in Pr...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2023 : Cisco Systems India Pvt. Ltd.

Cisco is known to have made many acquisitions over the years and seeks for com...

Most Trusted Brands 2023 : Tata Consultancy Services (TCS)  

TCS’s commitment to innovation helps it stay ahead of the competition and de...

Most Trusted Brands 2023 : Bharti Airtel Limited

Founded as a manufacturer of bicycle parts in 1976 by Sunil Bharti Mittal, Bha...

 Value-Added Distribution  Value-Added Distribution

Crayon Software Experts India Pvt Ltd

Crayon helps its customers build the commercial and technical foundati...

INGRAM MICRO INDIA PVT. LTD.

Ingram Micro India, a large national distributor offers a comprehensiv...

TECHNOBIND SOLUTIONS PVT. LTD.

TechnoBind’s business model is focused on identifying and partnering...

 ITFORUM 2024  
 WIITF 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 EMINENT CIO's OF INDIA   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
 TECHNOLOGY DISRUPTION Placeholder image

Headcount downsizes attributed largely due to increased automation

Headcount downsizes attributed largely due to increased automation

Spirent and Cadence partner to offer advanced chipset testing

Spirent and Cadence partner to offer advanced chipset testing

Indian semiconductor Industry to reach $55 bn by 2026

Indian semiconductor Industry to reach $55 bn by 2026

BEL bags orders worth Rs 4878 crores

BEL bags orders worth Rs 4878 crores

 UNICORNS REVOLUTIONISING Placeholder image

ATHER ENERGY PRIVATE LIMITED

ATHER ENERGY PRIVATE LIMITED

Builder.ai

Builder.ai

Mensa Brand Technologies Private Limited

Mensa Brand Technologies Private Limited

Makemytrip (india) Private Limited

Makemytrip (india) Private Limited


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW