Local Privilege Escalation in HP Smart Update Manager on Windows and Linux
CVE-2014-2608

Currently unrated

Key Information:

Vendor: HP
Status: Smart Update Manager
Vendor: CVE Published:; 10 December 2014

What is CVE-2014-2608?

An unspecified vulnerability exists in HP Smart Update Manager versions prior to 6.4.1 for Windows and in versions 6.2.x through 6.4.x on Linux. This flaw can potentially allow local users to access sensitive information, leading to an escalation of privileges via unknown attack vectors. Organizations utilizing these affected versions should apply the recommended patches to mitigate the risk of unauthorized access.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2014
Vulnerability Reserved
Mar 24, 2014