Search
Send enquiry

Month: October 2024

Vulnerability in HP Hotkey Support (CVE-2024-27458)

Posted on by ne@cirosec.de
Search
Send enquiry
  • Advisories

Vulnerability in HP Hotkey Support (CVE-2024-27458)

The HP HotKey Support (HPHKS) software provides the support for handling the Hotkeys (fixed notebook buttons that provide quick access to a particular function when pressed) for HP’s business Notebooks.

Bug

CVE-2024-27458: Local Privilege Escalation

A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. 

HP is releasing mitigation for the potential vulnerability. Customers using HP Programmable Key are recommended to update HP Hotkey Support.

CVSS Score
8.8 (CVSS v3) 

CVSS Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected Version
Details can be found here.

References
https://support.hp.com/us-en/document/ish_11342101-11342130-16/hpsbhf03977

Publication date 
October 4, 2024

Credits
Jan-Luca Gruber

Do you want to protect your systems? Feel free to get in touch with us.
Send Enquiry
Contact Details
Search
Search