Authentication Bypass in HP Anyware Agent for Linux
CVE-2025-1003

8.5HIGH

Key Information:

Vendor: HP, Inc.
Status: HP Anyware Linux Agent
Vendor: CVE Published:; 4 February 2025

Summary

A potential vulnerability in HP Anyware Agent for Linux could allow unauthorized users to bypass authentication mechanisms, leading to potential privilege escalation. HP has acknowledged this issue and is in the process of releasing a software update to address this vulnerability. Users are advised to stay updated and apply the patches as soon as they are made available to safeguard their systems.

Affected Version(s)

HP Anyware Linux Agent See HP security bulletin reference for affected versions

References

https://support.hp.com/us-en/document/ish_11920613-119206...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 4, 2025