Privilege Escalation Vulnerability in HP Touchpoint Analytics Service
CVE-2025-1697

6.9MEDIUM

Key Information:

Vendor: HP, Inc.
Status: HP ToucHPoint Analytics Service
Vendor: CVE Published:; 18 April 2025

What is CVE-2025-1697?

A security vulnerability has been identified in the HP Touchpoint Analytics Service, impacting certain HP PC products with versions earlier than 4.2.2439. This vulnerability could enable a local attacker to elevate their privileges, potentially allowing unauthorized control over the affected systems. HP is actively working on providing software updates to address and mitigate this vulnerability.

Affected Version(s)

HP Touchpoint Analytics Service See HP security bulletin reference for affected versions

References

https://support.hp.com/us-en/document/ish_12269975-122699...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 18, 2025

HP, Inc.

What is CVE-2025-1697?

Affected Version(s)

References

CVSS V4

Timeline