Pre-Installed Applications Developed with Portrait Displays SDK Contain Critical Vulnerability

Applications developed using the Portrait Displays software development kit (SDK), versions 2.30 through 2.34, contain a critical vulnerability. A local attacker could exploit this vulnerability to take control of an affected system.

The affected applications, pre-installed on some Fujitsu, HP, and Philips devices, are:

Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3.
Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9.
HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11.
HP My Display: Version 2.0. The issue was fixed in Version 2.1.
Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26.

US-CERT recommends users and administrators review Vulnerability Note VU#219739 for additional information and refer to their device vendors for appropriate patches. Portrait Displays has released a patch for its SDK software.

This product is provided subject to this Notification and this Privacy & Use policy.

Pre-Installed Applications Developed with Portrait Displays SDK Contain Critical Vulnerability

Recent Posts

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog