Sensitive Data Exposure in Microsoft Teams Admin Center by HP
CVE-2025-14432

8.1HIGH

Key Information:

Vendor: HP Inc
Status: Poly G7500; Poly Studio G62; Poly Studio X72; Poly Studio X52
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-14432?

A vulnerability exists within the Microsoft Teams Admin Center whereby sensitive data may unintentionally be logged during device configuration changes made by an admin. The log files are only accessible to users with admin privileges, ensuring that the exposure is limited to authorized personnel. Importantly, this issue is specific to the Microsoft Teams Admin Center and does not arise from configuration changes executed via the provisioning server or the device's WebUI, mitigating broader impacts.

Affected Version(s)

Poly EagleEye Cube 0

Poly G7500 0

Poly Studio A2 0

References

https://support.hp.com/us-en/document/ish_13612310-136123...

CVSS V4

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2025
Vulnerability Reserved
Dec 10, 2025

JSON

HP Inc

What is CVE-2025-14432?

Affected Version(s)

References

CVSS V4

Timeline