fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Millions of HP OMEN Gaming PCs Impacted By Driver Vulnerability

Millions of HP OMEN Gaming PCs Impacted By Driver Vulnerability

Millions of HP OMEN laptop and desktop gaming computers are exposed to attacks by a high severity vulnerability that can let threat actors trigger denial of service states or escalate privileges and disable security solutions.

The security flaw (tracked as CVE-2021-3437) was found in a driver used by the OMEN Gaming Hub software that comes pre-installed on all HP OMEN desktops and laptops.

CVE-2021-3437 is caused by HP’s choice to use vulnerable code partially copied from WinRing0.sys, an open source driver, to build the HpPortIox64.sys driver the OMEN Gaming Hub software uses to read/write kernel memory, PCI configurations, IO ports, and Model-Specific Registers (MSRs).

Also Read: 10 Simple and Useful Tips On Agreement Drafting Services

The complete list of vulnerable devices is available here and it includes OMEN and HP Pavilion gaming laptops, as well as HP ENVY, HP Pavilion, and OMEN desktop gaming systems.

Millions of devices and users impacted

OMEN Gaming Hub can be used to boost one’s gaming experience through overclocking, optimizing system settings for various gaming profiles, adjusting lighting on gaming devices and accessories, and a lot more.

Considering that the software can also be downloaded from the Microsoft Store and installed on any Windows 10 computer with peripheral accessories sold under HP’s OMEN brand, millions of PCs worldwide are impacted by this flaw.

“An exploitable kernel driver vulnerability can lead an unprivileged user to SYSTEM, since the vulnerable driver is locally available to anyone,” as SentinelOne researchers explained in a report published today.

“This high severity flaw, if exploited, could allow any user on the computer, even without privileges, to escalate privileges and run code in kernel mode.”

Once attackers gain SYSTEM privileges on targeted HP OMEN devices, they can easily disable security products, overwrite system components with malicious payloads, corrupt the underlying operating system, or perform any other malicious tasks they choose.

The list of software products impacted by this vulnerability includes:

  • HP OMEN Gaming Hub prior to version 11.6.3.0
  • HP OMEN Gaming Hub SDK Package prior to 1.0.44

Security patches available since July

HP has released patches for this high severity vulnerability through the Microsoft Store on July 27 and has published a security advisory earlier.

SentinelOne also shared their findings in today’s report to warn users to update their software and defend their systems against attackers using CVE-2021-3437 exploits.

“While we haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, using any OMEN-branded PC with the vulnerable driver utilized by OMEN Gaming Hub makes the user potentially vulnerable,” SentinelOne warned.

“Therefore, we urge users of OMEN PC’s to ensure they take appropriate mitigating measures without delay.”

Today’s report follows another one published by SentinelOne last month regarding a 16-year-old security vulnerability found in an HP, Xerox, and Samsung printers driver, which allows attackers to gain admin rights on systems using the vulnerable software.

Also Read: Top 5 Impact of Data Loss on Business

Earlier this year, SentinelOne researchers also found a 12-year-old privilege escalation bug in Microsoft Defender Antivirus (formerly Windows Defender) that threat actors can exploit to gain admin rights on unpatched Windows systems.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us