HP SoftPaqs Vulnerable to Arbitrary Code Execution
CVE-2024-28893

Currently unrated

Key Information:

Vendor: HP
Status: HP Software Packages (softpaqs)
Vendor: CVE Published:; 1 May 2024

Summary

Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs).

Affected Version(s)

HP software packages (SoftPaqs) See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_10502451-105025...

Timeline

Vulnerability published
May 1, 2024
Vulnerability Reserved
Apr 16, 2024