SentinelLabs has discovered a high severity flaw in an HP OMEN driver affecting millions of devices worldwide.

HP OMEN Gaming Hub is a software product that comes preinstalled on HP OMEN desktops and laptops. This software can be used to control and optimize settings such as device GPU, fan speeds, CPU overclocking, memory, and more. The same software is used to set and adjust lighting and other controls on gaming devices and accessories such as mouse and keyboard.

Attackers could exploit these vulnerabilities to locally escalate to kernel-mode privileges. With this level of access, attackers can disable security products, overwrite system components, corrupt the OS, or perform any malicious operations unimpeded.

The vulnerability is tracked as CVE-2021-3437, marked with CVSS Score 7.8.

“An exploitable kernel driver vulnerability can lead an unprivileged user to SYSTEM, since the vulnerable driver is locally available to anyone,” as SentinelOne researchers explained in a report published today.

Buy Me a Coffee

“This high severity flaw, if exploited, could allow any user on the computer, even without privileges, to escalate privileges and run code in kernel mode.”

impacted products:

  • HP OMEN Gaming Hub prior to version 11.6.3.0 is affected
  • HP OMEN Gaming Hub SDK Package prior 1.0.44 is affected

HP released a Security Advisory on September 14th to address this vulnerability.

This high severity vulnerability affects millions of PCs and users worldwide. While SentinelOne researchers haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, using any OMEN-branded PC with the vulnerable driver utilized by OMEN Gaming Hub makes the user potentially vulnerable.

READ
Serbian Police Accused of Hacking Activists’ Phones Using Cellebrite Tools and Spyware

(via : SentinelOne)