Privilege Escalation in HP Support Assistant Affects User Systems
CVE-2019-6328

7.8HIGH

Key Information:

Vendor: HP
Status: HP Support Assistant
Vendor: CVE Published:; 25 June 2019

Summary

HP Support Assistant versions 8.7.50 and earlier are prone to a vulnerability that enables a user to gain elevated system privileges. This flaw may allow unauthorized users to modify critical directories or files, potentially compromising system integrity and security. It's essential for users to update their software to mitigate any associated risks.

Affected Version(s)

HP Support Assistant Version 8.7.50 and lower

References

https://support.hp.com/us-en/document/c06388027

x_refsource_CONFIRM

http://www.securityfocus.com/bid/108891

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 25, 2019
Vulnerability Reserved
Jan 15, 2019