HP OMEN driver vulnerability affects millions of HP devices.
HP OMEN Gaming Hub, formerly HP OMEN Command Center, is a software product pre-installed on HP OMEN desktops and notebooks. It is used to control and optimize settings such as the device GPU and memory, and can also set and adjust brightness and other controls on gaming devices and accessories.
SentinelLabs security researchers discovered a high-severity vulnerability in the HP OMEN driver, tracked as CVE-2021-3437 with a CVSS score of 7.8. The cause is that HP built the HpPortIox64.sys driver, which reads and writes kernel memory, PCI configuration, IO ports and MSRs (model-specific registers), on the open source driver WinRing0.sys, and some code in WinRing0.sys has security vulnerabilities. An attacker can exploit this vulnerability to escalate local privileges to kernel privileges. With that escalation, an attacker can disable security products, overwrite system components, compromise the operating system, or perform any other malicious action.
See the PoC video: https://assets.sentinelone.com/endpoint-protection/omen?lb-mode=overlay
For more technical details see: https://www.sentinelone.com/labs/cve-2021-3437-hp-omen-gaming-hub-privilege-escalation-bug-hits-millions-of-gaming-devices/
Affected products include OMEN and HP Pavilion gaming laptops, as well as HP ENVY, HP Pavilion and OMEN desktop gaming systems, running:
HP OMEN Gaming Hub versions before v188.8.131.52;
HP OMEN Gaming Hub SDK Package versions before 1.0.44.
Since the software is available for download from the Microsoft Store and is pre-installed on HP OMEN machines, more than a million devices are expected to be affected.
HP released a security update on the Microsoft Store on July 27 and a security bulletin on September 14.
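For fleet triage, the following added example (not code from the article, HP or SentinelLabs) scans a driver inventory for HpPortIox64.sys or a WinRing0 build, so that flagged hosts can have their Gaming Hub version compared with the fixed versions listed above. The CSV layout (columns Host, Module Name, State, Path), the host names and the paths are constructed assumptions.

```python
import csv
import io
import ntpath
import re

# Driver file names from the article; WinRing0x64.sys is an added variant
# (the 64-bit build name of the open source driver).
DRIVER_PATTERNS = {
    "HpPortIox64.sys": re.compile(r"^hpportiox64\.sys$", re.I),
    "WinRing0": re.compile(r"^winring0(x64)?\.sys$", re.I),
}

def find_flagged_drivers(csv_text):
    """Return one finding per inventory row whose image file matches a pattern."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        path = (row.get("Path") or "").strip()
        # ntpath splits on backslashes regardless of the OS running the script
        image = ntpath.basename(path)
        for label, pattern in DRIVER_PATTERNS.items():
            if pattern.match(image):
                findings.append({
                    "host": row.get("Host", ""),
                    "driver": label,
                    "path": path,
                    "running": (row.get("State") or "").strip().lower() == "running",
                })
    return findings

def hosts_to_review(findings):
    """Hosts to check, those with the driver currently loaded listed first."""
    loaded = {}
    for f in findings:
        loaded[f["host"]] = loaded.get(f["host"], False) or f["running"]
    return sorted(loaded, key=lambda h: (not loaded[h], h))

# Constructed sample inventory (hypothetical hosts and paths)
SAMPLE = """Host,Module Name,State,Path
PC-01,HpPortIox64,Running,C:\\Windows\\System32\\drivers\\HpPortIox64.sys
PC-02,WinRing0_1_2_0,Stopped,C:\\Tools\\fanctl\\WinRing0x64.sys
PC-03,disk,Running,C:\\Windows\\System32\\drivers\\disk.sys
PC-04,HpPortIox64,Stopped,C:\\WINDOWS\\system32\\DRIVERS\\hpportiox64.sys
"""

if __name__ == "__main__":
    found = find_flagged_drivers(SAMPLE)
    for finding in found:
        print(finding)
    print("Review order:", hosts_to_review(found))
```

A match only shows that the driver file is present; whether the host is still affected depends on the installed Gaming Hub and SDK package versions.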