Table of Contents
  • Home
  • /
  • Blog
  • /
  • Be Aware About these Six Unpatched SMM Vulnerabilities in HP Enterprise Devices
September 13, 2022
|
7m

Be Aware About these Six Unpatched SMM Vulnerabilities in HP Enterprise Devices


Be Aware About These Six Unpatched Smm Vulnerabilities In Hp Enterprise Devices

The Binarly security research team has published a report about six unpatched SMM vulnerabilities in HP Enterprise devices. According to the research team, these vulnerabilities can pose a severe threat to vulnerable devices if exploited. Attackers can abuse these vulnerabilities to implant malicious codes that enable attackers to maintain long-time persistence. Since these attacks occur at the firmware level, its been said that these types of attacks can easily evade OS-level security systems and survive reboots. 

All these SMM vulnerabilities are considered high in severity since they have got a score from 7.5 to 8.2 out of 10 in the CVSS scoring system. Owners of HP devices should be aware of these six unpatched SMM vulnerabilities in HO Enterprise devices. Since these vulnerabilities affect multiple HP products, including laptops, desktops, point-of-sale systems, and edge computing nodes, lets see how to fix these six unpatched SMM vulnerabilities in HO Enterprise devices in this post.

Summary Of these Six Unpatched SMM Vulnerabilities in HP Enterprise Devices:

These vulnerabilities in HP BIOS let attackers, not just Implant persistent malware programs that survive operating system updates and re-installations but are also capable of bypassing UEFI Secure Boot, Intel Boot Guard, virtualization-based security, and endpoint security systems. Check out the page for more technical details.

#CVE IDCVSS ScoreVectorDescription
1CVE-2022-239308.2 HighCVSS v3.1: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HThis a an SMM memory corruption vulnerability in an HP device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
2CVE-2022-316407.5 HighCVSS v3.1: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HA SMM callout on HP device, which allows a attacker to access the System Management Mode and execute arbitrary code.
3CVE-2022-316417.5 HighCVSS v3.1: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HA SMM callout on HP device, which allows a attacker to access the System Management Mode and execute arbitrary code.
4CVE-2022-316447.5 HighCVSS v3.1:AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HThis is an SMM memory corruption vulnerability in an HP device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
5CVE-2022-316458.2 HighCVSS v3.1: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HThis is an SMM memory corruption vulnerability in an HP device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
6CVE-2022-316468.2 HighCVSS v3.1: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HThis is an SMM memory corruption vulnerability in an HP device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

HP Firmware Affected by These Vulnerabilities:

There are multiple firmware versions and devices affected by these SMM vulnerabilities, such as laptops, desktops, point-of-sale systems, and edge computing nodes. HP released advisories on Aug 9 and updated them on Aug 11 and Sep 7. Please visit the advisories for the latest updates. Please see the below table for the affected firmware versions.

#CVE IDDevice nameDriver nameDriver SHA256File GUID
1CVE-2022-23930HP EliteBook x360 1040 G801930D9B134145C6185E0FF19FACA58404287131D4526BDE62AF616677D0DA13A1D512D06948-6569-42C9-ABA3-E12BACE7B234
2CVE-2022-31640HP EliteBook x360 1040 G8FFFF17268b873c33f25ce0f2b6f7db60b13021765ce1db3755c9c7edfe8e714474d73F6A87A5-A33F-4B9A-A3D2-32D5B18BF6FF
3CVE-2022-31641HP EliteBook x360 1040 G8051140f569059699b5de2e60eb5f618755163ef2b059adafb5ac35e18fdeb20edef60D966D65-8F25-4574-8EAF-6C0463F38742
4CVE-2022-31644HP EliteBook x360 1040 G8FFFF398CB8FDD61555A40FFCCFAFF225F70084EB078667347275990A7C0AA31DE19C86930B1D-F85D-4275-AC97-10A7A57F3E2E
5CVE-2022-31645HP EliteBook x360 1040 G80185C75AF834D8BA590D596E791599F58FEA5B538F221F15876E254D3ED8392286E5B7CD60D6-4627-4411-8B6D-C60BA7FAB120
6CVE-2022-31646HP EliteBook x360 1040 G80519B6513B74D8081CE83CE69EB438C1392DF4282E359D3C79398259BCC8B4D158DEDE1B74E3-4A7F-FE08-058E-AC8678F99112

How To Fix these Six Unpatched SMM Vulnerabilities in HP Enterprise Devices?

The best solution to cope with security vulnerabilities is to keep your system up to date with the latest firmware and software. Unfortunately, HP didnt release patches for several models (at the time of publishing this post). We suggest you keep the advisories from time to time and patch the firmware as soon as released. 

As a general approach, it is good to enable System Guard Secure Launch and SMM protection on Windows running HP PCs. Please follow the Microsoft KB to see how to enable System Guard Secure Launch and SMM protection on Windows 10 and Windows 11 operating systems.

Now lets see how to upgrade BIOS in HP Laptops.

How to Upgrade BIOS in HP Devices?


BIOS can be upgraded in four different ways. However, Upgrading the BIOS manually from Windows is the simplest and safe way. Please refer to this 
KB to know about the remaining procedure.

1. Update the BIOS using HP Image Assistant
2. Update the BIOS from within the BIOS
3. Update the BIOS manually from within Windows
3. Update the BIOS manually from a USB flash drive (outside of Windows)

Step 1. Collect the Product Name, Product Number, Processor Name, and System BIOS.

You can capture this information either from the HP System Utility or from Windows System Information.

To open HP System Utility: Press the fn and esc keys to open the HP System Information utility.
To Open Windows System Information: Type System Information in the taskbar search and hit the Enter key.

Step 2. Prepare your system for the BIOS upgrade.

1. Connect the Power card in the case of Laptops.
2. Close all the applications. No applications are supposed to be running during the BIOS update.
3. Disable the Anti-Virus, system security, and any other security application temporarily. In Windows, search for and open 
Security and Maintenance settings, and then click Security to access virus protection settings.
4. Disable BitLocker temporarily. In Windows, search for and open 
Manage Bitlocker. Click Suspend protection, and then click Yes.

Step 3. Download the BIOS update.

1. Open the HP Software and Driver Downloads page on your browser.
2. Choose your product. Or Let the tool auto-analyze your product.
3. Select BIOS and check for any available BIOS updates. Click 
Download. Note: If you dont see BIOS updates, that means no updates are available for your product.

Step 4. Execute the BIOS update file.

Browse the file that you have downloaded. Execute it with a double-click on it.
Click Yes on the User Account Control screen.

Step 5. Click Next in the Installation Window.
Step 6. Accept the License Agreement.

Select I accept the terms in the license agreement, and then click Next.

Step 7. Click Next on the HP BIOS Update and Recovery window.
Step 8. Select Update, and then click Next.
Step 9. Restart after update.

Click Restart Now to install the update.

Step 10. Initiate BIOS update.

Click Apply Update Now on the HP BIOS Update window.

Step 11. Waite until the update process gets completed.
Step 12. Complete the BIOS update process and restart the computer.
Step 13. This completes the BIOS update process.

We hope this post would help you know about six unpatched SMM vulnerabilities in HP Enterprise devices. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram, and subscribe to receive updates like this. 

You may also like these articles:

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Report

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe