CVE-2022-23454

EUVD-2022-28527
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Affected Products (NVD)
VendorProductVersion
hpsupport_assistant
𝑥
< 9.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762
https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762