Attackers abuse HP Device Manager Backdoor to take control over users' Windows systems

Recently released HP security advisory contains three critical and high severity vulnerabilities in the Device Manager that allow attackers to take over the systems. HP Device Manager is commonly used by administrators to remotely control HP thin clients. Those devices allow admins to spend resources from a central server on the most important tasks. Security researcher Nick Bloor discovered, that the security flaws of the Device Manager put users that run the vulnerable version of it in danger of their systems being remote-controlled by the attackers, allowing "dictionary attacks, unauthorized remote access to resources, and elevation of privilege" and the full system takeover. Read more