Support Assistant
Monthly
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion.
Local privilege escalation vulnerability in HP Support Assistant versions before 9.44.18.0 that allows a local attacker with limited user privileges to write arbitrary files and escalate to higher privilege levels without user interaction. The vulnerability carries a CVSS score of 7.8 (high severity) and exploits improper file permission handling in the support application; while KEV status and active exploitation data are not provided in the source material, the low attack complexity and local attack vector suggest this is a realistic threat for systems running vulnerable versions.
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.5% and no vendor patch available.
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion.
Local privilege escalation vulnerability in HP Support Assistant versions before 9.44.18.0 that allows a local attacker with limited user privileges to write arbitrary files and escalate to higher privilege levels without user interaction. The vulnerability carries a CVSS score of 7.8 (high severity) and exploits improper file permission handling in the support application; while KEV status and active exploitation data are not provided in the source material, the low attack complexity and local attack vector suggest this is a realistic threat for systems running vulnerable versions.
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.5% and no vendor patch available.