Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local attack requiring an existing low-privileged account to plant a hijacked module (AV:L, PR:L); no user interaction or complexity, and successful load yields SYSTEM-level C/I/A impact.
Primary rating from Vendor (hp).
CVSS VectorVendor: hp
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege and/or denial of service. HP is releasing software updates to mitigate these potential vulnerabilities.
AnalysisAI
Local privilege escalation and denial of service in HP One Agent software on HP PC products allow authenticated low-privileged users to gain elevated rights or disrupt the agent. HP has acknowledged the issue and is releasing software updates as mitigation. No public exploit identified at time of analysis, and the flaw is not listed on CISA KEV.
Technical ContextAI
HP One Agent is a system management agent preinstalled on HP commercial PCs that runs with elevated privileges to perform telemetry, update orchestration, and policy enforcement. The reported weakness maps to CWE-427 (Uncontrolled Search Path Element), the class of bug where a privileged process loads a DLL, executable, or other resource from a directory whose contents an unprivileged user can influence - typically because the search path includes a writable directory, a relative path, or a user-controllable PATH entry. Affected CPE is cpe:2.3:a:hp_inc.:hp_one_agent_software:*, meaning all currently shipped versions of HP One Agent on covered HP PC models are in scope until the patched build identified in HP advisory HPSBHF04060 is installed.
RemediationAI
Apply the HP-released software update for HP One Agent identified in HP security bulletin HPSBHF04060 (https://support.hp.com/us-en/document/ish_15146555-15146580-16/hpsbhf04060); patch availability is confirmed by HP but the exact fixed version is not enumerated in the provided data, so the advisory should be consulted for the build number applicable to each model. Until the patched build is deployed, compensating controls for a CWE-427 search-path flaw on Windows endpoints include removing write permissions for non-administrators on any directory in the HP One Agent service's load path (verify with Sysinternals Process Monitor against the service binary), enforcing AppLocker or WDAC publisher rules restricting which DLLs the HP One Agent process may load, and monitoring EDR for unsigned or unexpected modules loaded by HP One Agent processes - note these controls can break legitimate HP update workflows and should be staged in a pilot ring.
Same weakness CWE-427 – Uncontrolled Search Path Element
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37011
GHSA-g736-3qxc-3xmm