Top
image credit: Unsplash

HP Device Manager vulnerabilities may allow full system takeover

October 7, 2020

Three vulnerabilities affecting HP Device Manager, an application for remote management of HP Thin Client devices, could be chained together to achieve unauthenticated remote command execution as SYSTEM, security researcher Nick Bloor has found.

The vulnerabilities have been patched by HP nearly two weeks ago, but additional vulnerability and research details published on Monday may help attackers to craft a working exploit.

The vulnerabilities

Thin clients are low-performance computers optimized for establishing a remote connection with a server-based computing environment.

Read More on Help Net Security