HP patched a vulnerability discovered in the HP Touchpoint Analytics software installed by default on most HP computers running Windows. The local privilege escalation (LPE) vulnerability tracked as CVE-2019-6333 was found in the Open Hardware Monitor library used by HP’s monitoring software. The security issue is caused by the lack of safe DLL loading caused by using an uncontrolled search path and by not validating if the DLLs it loads are signed with digital certificates. The vulnerability was discovered by a researcher Peleg Hadar and reported to HP on July 4.
Source: https://www.bleepingcomputer.com/news/security/hp-touchpoint-analytics-lpe-vulnerability-affects-most-hp-pcs/

