- Aug 3, 2004
HP Omen Hub Exposes Millions of Gamers to Cyberattack
Vulnerable HP OMEN Versions:
Metadata showed the researchers the HP OMEN Gaming Hub re-used code for its driver that is vulnerable unauthorized privilege escalation.
- HP OMEN Gaming Hub prior to version 126.96.36.199
- HP OMEN Gaming Hub SDK Package prior to version 1.0.44
“Unfortunately, issues with the WinRing0.sys driver are well-known,” the SentinelLabs report said. “This driver enables user-mode applications to perform various privileged kernel-mode operations via (input/output controls) IOCTLs interface.”
The HP driver potentially offers access through IOCTLs using model specific registers (MSRs) to access or alter CPU data, researchers added.
“This high-severity flaw, if exploited, could allow any user on the computer, even without privileges, to escalate privileges and run code in kernel mode,” the report added. “Among the obvious abuses of such vulnerabilities are that they could be used to bypass security products.”
Once inside, attackers could gain lateral access to wider networks, Sentinel Labs reported.
Back in Oct. 2019, SafeBreach published their findings on the same driver vulnerability in the HP Touchpoint Analytics Software, which could have clued threat actors into looking at similar vulnerabilities across other HP products.
HP put out a fix on Sept. 14, adding that the company will both push out automatic updates as well as offer manual options for patching.
“To reduce the attack surface provided by device drivers with exposed IOCTLs handlers, developers should enforce strong ACLs on device objects, verify user input and not expose a generic interface to kernel-mode operations,” the report advised.