Security News > 2022 > May > HP fixes bug letting attackers overwrite firmware in over 200 models
"Potential security vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities," reads the short advisory.
"This vulnerability could allow an attacker executing with kernel-level privileges to escalate privileges to System Management Mode. Executing in SMM gives an attacker full privileges over the host to further carry out attacks." explains a report by Starke.
An attacker needs to locate the memory address of the "LocateProtocol" function and overwrite it with malicious code.
It's important to underline that to exploit the vulnerability, an attacker would need to have root/SYSTEM level privileges on the target system, and execute code in System Management Mode.
The ultimate goal of such an attack would be to overwrite the UEFI Implementation of the machine with attacker controlled BIOS images.
Finally, it's also crucial to highlight that some HP computer models have mitigations that the attacker would need to bypass in order for the exploit to work, like the HP Sure Start system for example.