CVE-2025-43026

| EUVD-2025-17024 HIGH
2025-06-05 [email protected]
7.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 14, 2026 - 17:53 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 17:53 euvd
EUVD-2025-17024
CVE Published
Jun 05, 2025 - 20:15 nvd
HIGH 7.8

Tags

Privilege Escalation Hp Support Assistant

Description

A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.

Analysis

Local privilege escalation vulnerability in HP Support Assistant versions before 9.44.18.0 that allows a local attacker with limited user privileges to write arbitrary files and escalate to higher privilege levels without user interaction. The vulnerability carries a CVSS score of 7.8 (high severity) and exploits improper file permission handling in the support application; while KEV status and active exploitation data are not provided in the source material, the low attack complexity and local attack vector suggest this is a realistic threat for systems running vulnerable versions.

Technical Context

CVE-2025-43026 is rooted in CWE-281 (Improper Preservation of Permissions), a weakness where the application fails to properly maintain or enforce file access controls. HP Support Assistant, a system utility that handles driver management, firmware updates, and support functions, contains a flaw in its file write operations that does not adequately restrict where files can be written or validate file paths before writing. This allows an authenticated local user to specify arbitrary file paths (likely through mishandled temporary directories, configuration files, or installation directories) and write malicious content that could be executed with elevated privileges. The vulnerability affects HP Support Assistant versions prior to 9.44.18.0 (CPE: cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:* with version constraints <9.44.18.0). The arbitrary file write primitive is a well-known escalation technique when combined with DLL hijacking, service file overwrites, or scheduled task manipulation.

Affected Products

HP Support Assistant (All versions prior to 9.44.18.0)

Remediation

Patching: Upgrade HP Support Assistant to version 9.44.18.0 or later. This version contains fixes for the arbitrary file write vulnerability and improved file permission handling.; priority: Immediate Mitigation (if patching delayed): Restrict local user account privileges using Windows Group Policy or privilege management tools (e.g., AppLocker, Windows Sandbox for untrusted users). Implement strict NTFS ACLs on HP Support Assistant installation directories and temporary file locations to prevent modification by non-administrative users.; priority: High Detection: Monitor file system access events (Windows Event Viewer: Security events for file creation/modification in %ProgramFiles%\HP\Support Assistant and %TEMP% directories) for unauthorized writes by non-admin accounts. Flag attempts to write to system-critical paths.; priority: Medium Workaround: If upgrade is not immediately feasible, consider disabling or removing HP Support Assistant if not essential for operations, or run it in a containerized/sandboxed environment on multi-user systems.; priority: Medium

Priority Score

39
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +39
POC: 0

Share

CVE-2025-43026 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy