Local Privilege Escalation Vulnerability in HP Image Assistant
CVE-2025-13492

5.4MEDIUM

Key Information:

Vendor: HP Inc
Status: HP Image Assistant
Vendor: CVE Published:; 3 December 2025

What is CVE-2025-13492?

A local privilege escalation vulnerability has been discovered in HP Image Assistant, affecting versions prior to 5.3.3. This flaw arises from a race condition that may allow a local attacker to gain elevated permissions while installing packages, potentially compromising the system’s integrity. Users are advised to update to the latest version to mitigate this security risk.

Affected Version(s)

HP Image Assistant 0 < 5.3.3

References

https://support.hp.com/us-en/document/ish_13505078-135051...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Dec 3, 2025
Vulnerability Reserved
Nov 20, 2025

JSON

HP Inc

What is CVE-2025-13492?

Affected Version(s)

References

CVSS V4

Timeline