Authentication Bypass in HP Anyware Agent for Linux
CVE-2025-1003

8.5HIGH

Key Information:

Vendor: HP, Inc.
Status: HP Anyware Linux Agent
Vendor: CVE Published:; 4 February 2025

What is CVE-2025-1003?

A potential vulnerability in HP Anyware Agent for Linux could allow unauthorized users to bypass authentication mechanisms, leading to potential privilege escalation. HP has acknowledged this issue and is in the process of releasing a software update to address this vulnerability. Users are advised to stay updated and apply the patches as soon as they are made available to safeguard their systems.

Affected Version(s)

HP Anyware Linux Agent See HP security bulletin reference for affected versions

References

https://support.hp.com/us-en/document/ish_11920613-119206...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 4, 2025

HP, Inc.

What is CVE-2025-1003?

Affected Version(s)

References

CVSS V4

Timeline