In a driver for the “HP OMEN Gaming Hub” software for Windows 10 preinstalled on HP Omen Gaming laptops and PCs, but also available from the Microsoft Store, there was a security gap with a “High” rating. Local attackers with normal access rights could have misused them under certain conditions to expand their privileges, gain SYSTEM rights and execute code in kernel mode. In this way, they could have made permanent manipulations and configuration changes to the operating system and, for example, installed malicious code or leveraged protective software.
Users of the HP OMEN Gaming Hub who have not updated the software and drivers for a long time or who have carried out a corresponding automatic update via the HP Support Assistant should do so as soon as possible. Protective updates have been available at least partially since the end of July, but a security advisory and technical details have only now been published. Active attacks on CVE-2021-3437 (CVSS score 7.8) in the wild have not yet been observed by SentinelOne’s research department (SentinelLabs), who discovered the vulnerability.
Updates and more information
Vulnerable are loud HPs Security Advisory zu CVE-2021-3437 OMEN Gaming Hub versions prior to 126.96.36.199. Versions from 188.8.131.52 and higher automatically remove the vulnerable driver from the system, according to HP. Alternatively, the driver can also be updated separately as a “Softpaq” by opening the OMEN Gaming HUB SDK package from version 1.0.44 upwards Installed. The advisory provides an overview of various HP devices along with update links to the appropriate softpaqs.
If you are interested in detailed technical details about the security gap, you will find it in one Blog entry from SentinelLabs.