← All drivers
vulnerable
Driver

cpqsysio64.sys

HP physical-memory driver (HP ProLiant Support Pack, firmware/ROM update tooling)

From Hewlett-Packard (Compaq heritage)
Part of the HP family
Status
On a known-vulnerable list
Known variants
1 distinct hashes
Field notes

cpqsysio64.sys is the 64-bit build of a Hewlett-Packard 'physical memory driver' shipped with the HP ProLiant Support Pack and HP firmware/ROM-update utilities. The 'cpq' prefix is Compaq heritage; Compaq was acquired by HP in 2002, and the prefix lingered inside HP's server-management and firmware tooling for many years.

The driver exposes raw physical-memory access to user-mode, originally so HP ProLiant utilities and ROM flashers could talk to hardware directly. No specific CVE is assigned. It is on the public LOLDrivers and Sigma vulnerable-driver lists for the access surface, which is the same primitive an attacker with admin would want from a signed driver.

If you administer HP ProLiant servers, the driver is expected on those machines. On a normal desktop or laptop, it has no business being on disk. Microsoft's Vulnerable Driver Blocklist blocks it from loading.

What the record shows

cpqsysio64.sys is listed as a known-vulnerable driver on the public LOLDrivers project. One distinct binary hash matching this filename is on record.

What this means, plainly
Presence is not proof of misuse. Driver files on the LOLDrivers list commonly ship with legitimate hardware tools, gaming software, or vendor utilities. Their presence is recorded as evidence on a record. It is never treated as a verdict about a person.
Source

Status data comes from the public LOLDrivers project, a community-curated registry of drivers known to be vulnerable or malicious. The snapshot Vera uses was refreshed July 10, 2026. CVE links go to the NIST National Vulnerability Database.

Cite this entry

Vera Project. “cpqsysio64.sys.” Vera Field Guide (Driver). The Vera Project. https://www.veraproject.xyz/field-guide/drivers/cpqsysio64-sys