Arbitrary Code Execution Vulnerability in HP Softpaq Installer
CVE-2019-16283

7.8HIGH

Key Information:

Vendor: HP
Status: HP Softpaq Installer
Vendor: CVE Published:; 9 June 2023

What is CVE-2019-16283?

A potential security issue has been discovered in certain versions of the HP Softpaq Installer that may allow an attacker to execute arbitrary code on affected systems. This vulnerability arises from improper handling of inputs within the installer software, which could be exploited by malicious actors to gain control over compromised machines. Users are advised to review the affected versions and apply recommended patches to mitigate the risk.

Affected Version(s)

HP Softpaq installer 4.0.100.1189

References

https://support.hp.com/us-en/document/c06541912

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 9, 2023
Vulnerability Reserved
Sep 13, 2019