Deserialization Vulnerability in Poly Clariti Manager by HP
CVE-2025-43489

2LOW

Key Information:

Vendor: HP
Status: Poly Clariti Manager
Vendor: CVE Published:; 23 July 2025

What is CVE-2025-43489?

A deserialization vulnerability has been discovered in Poly Clariti Manager that allows the software to process untrusted data without proper validation. This flaw, found in versions prior to 10.12.1, poses a potential security risk as it may enable unintended actions or data manipulation. HP has released an update to address this issue, highlighting the importance of maintaining up-to-date software to mitigate such vulnerabilities.

Affected Version(s)

Poly Clariti Manager See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_12781425-127814...

CVSS V4

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2025