CVE-2025-43026

EPSS 0.03%
Published 05.06.2025 19:41:30
Last modified 06.06.2025 14:07:28
Source hp-security-alert@hp.com
Teams watchlist Login
Open Login

A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorHP, Inc.

≫

Product HP Support Assistant

Default Statusunaffected

Version See HP security bulletin reference for affected versions

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.06

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
hp-security-alert@hp.com	7.1	0	0	CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-281 Improper Preservation of Permissions

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

https://support.hp.com/us-en/document/ish_12617979-12618008-16/hpsbgn04022

https://nvd.nist.gov/vuln/detail/CVE-2025-43026

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-43026

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-43026

EUVD