Privilege Escalation Vulnerability in HP Support Assistant
CVE-2025-43026

7.1HIGH

Key Information:

Vendor

HP, Inc.

Vendor
CVE Published:
5 June 2025

What is CVE-2025-43026?

A security flaw has been detected in HP Support Assistant, specifically in versions prior to 9.44.18.0. This vulnerability allows local attackers to escalate their privileges by manipulating file write operations, which may lead to unauthorized actions within the software. It is crucial for users to update to the latest version to safeguard against potential exploitation.

Affected Version(s)

HP Support Assistant See HP security bulletin reference for affected versions

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-43026 : Privilege Escalation Vulnerability in HP Support Assistant