Security News > 2021 > September > HP Omen Hub Exposes Millions of Gamers to Cyberattack

HP Omen Hub Exposes Millions of Gamers to Cyberattack
2021-09-16 12:01

Millions of devices running the HP Omen Gaming Hub were using on a driver with a bug that could give attackers kernel-mode access without administrator privileges.

HP has since released a patch, but a new report on the flaw from researchers from SentinelLabs details how the gaming software was built in part by copying code from a problematic open-source driver called WinRing0.

HP Omen Gaming Hub is software that comes pre-installed on HP Omen desktops and laptops and functions as an optimizer for playing games, making automatic adjustments to fan speeds, lighting and accessory controls for the best gaming experience, SentinelLabs' report explained.

Metadata showed the researchers the HP OMEN Gaming Hub re-used code for its driver that is vulnerable unauthorized privilege escalation.

Over the summer, Akamai released its 2020 gaming report showing that attacks on the video-game industry exploded by 340 percent in 2020, thanks to armies of pandemic-weary people turning to games for entertainment.

"While we haven't seen any indicators that these vulnerabilities have been exploited in the wild up until now, using any OMEN-branded PC with the vulnerable driver utilized by OMEN Gaming Hub makes the user potentially vulnerable," the researchers warned.


News URL

https://threatpost.com/hp-omen-hub-gamers-cyberattack/169739/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
HP 6796 19 249 488 237 993