Over Millions of HP OMEN Gaming PCs Affected by Driver Vulnerability

Over Millions of HP OMEN Gaming PCs Affected by Driver Vulnerability

Over millions of HP OMEN laptops and desktop gaming computers are discovered to attacks by a high severity vulnerability that can permit the attackers to trigger a denial of services states or escalate rights and disable all the security solutions.

CVE-2021-3437 is impacted by HP’s choice to utilize the vulnerable code partially copied from WingRingo.sys, which is an open-source driver, to build the HpPortIox64.sys driver the OMEN Gaming Hub software uses to read and write kernel memory, PCI configurations, Model-Specific Registers (MSRs), and IO ports.

The full list of vulnerable devices also includes OMEN and HP Pavilion gaming laptops, as well as HP ENVY, HP Pavilion, and OMEN desktop gaming systems.

Around a Million of Devices and Users are affected

OMEN Gaming Hub can be used to boost one’s gaming experience through over clocking, optimizing system settings for various gaming profiles, adjusting lighting on gaming devices and accessories, and a lot more.

Taking that the software can also be downloaded from the Microsoft Store and installed on any Windows 10 computer with peripheral accessories sold under HP’s OMEN brand, millions of PCs worldwide are impacted by this flaw.

Over-Millions-of-HP-OMEN-Gaming-PCs-Affected-by-Driver-Vulnerability-image1

“The Exploitable kernel driver vulnerability can lead an unprivileged user to SYSTEM, since the vulnerable driver is locally available to anyone,” as SentinelOne researchers explained in a report published today. “This high severity flaw, if exploited, could allow any user on the computer, even without privileges, to escalate privileges and run code in kernel mode.”

Once attackers gain SYSTEM privileges on targeted HP OMEN devices, they can easily disable security products, overwrite system components with malicious payloads, corrupt the underlying operating system, or perform any other malicious tasks they choose.

The list of software products impacted by this vulnerability includes:

  • HP OMEN Gaming Hub before version 11.6.3.0
  • HP OMEN Gaming Hub SDK Package before 1.0.44

Security Patches Available Since July

HP has posted patches for this high austerity vulnerability through the Microsoft Store on July 27 and has published a security advisory earlier.

Investigators also shared their findings in today’s report to alert users to update their software and fight against their systems to defend attackers using CVE-2021-3437 exploits. “While we haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, using any OMEN-branded PC with the vulnerable driver utilized by OMEN Gaming Hub makes the user potentially vulnerable.”

“Therefore, we urge users of OMEN PC’s to ensure they take appropriate mitigating measures without delay.” Today’s report follows another one published by SentinelOne last month regarding a 16-year-old security vulnerability found in an HP, Xerox, and Samsung printer’s driver, which allows attackers to gain admin rights on systems using the vulnerable software.

Earlier this year, our researchers also found a 12-year-old privilege escalation bug in Microsoft Defender Antivirus (formerly Windows Defender) that threat actors can exploit to gain admin rights on unpatched Windows systems.

Leave a Reply