The Binarly security research team reported several HP Enterprise devices are affected by six high-severity firmware vulnerabilities that are yet to be patched, and some of them have been disclosed more than a year ago.
The researchers disclosed technical details of some of the vulnerabilities at the Black Hat 2022 conference.
The bugs affect HP EliteBook devices and multiple additional HP product lines, the experts reported that the issues are arbitrary code execution vulnerabilities related to System Management Mode (SMM) of the of the Unified Extensible Firmware Interface (UEFI).
The SMM is an operating mode of x86 CPUs in which all normal execution, including the operating system, is suspended.
When a code is sent to the SMM, the operating system is suspended and a portion of the UEFI/BIOS firmware executes various commands with elevated privileges and with access to all the data and hardware.
Vulnerabilities in the SMM can be exploited to to bypass the Secure Boot, threat actors can bypass this security feature to create stealth rootkits.
