HP fixes severe bug in pre-installed Support Assistant tool

From bleepingcomputer.com

A HP envy laptop with the HP logo over it

HP issued a security advisory alerting users about a newly discovered vulnerability in HP Support Assistant, a software tool that comes pre-installed on all HP laptops and desktop computers, including the Omen sub-brand.

HP Support Assistant is used to troubleshoot issues, perform hardware diagnostic tests, dive deeper into technical specifications, and even check for BIOS and driver updates on HP devices.

The flaw, discovered by researchers at Secure D and reported to HP, is tracked as CVE-2022-38395 and has a “high” severity score of 8.2, as it enables attackers to elevate their privileges on vulnerable systems.

Read more…