CVE-2022-23454

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
hpCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
hpsupport_assistant
𝑥
< 9.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762
https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762