CVE-2022-23454

Published: Feb 1, 2023Modified: Mar 27, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.

Affected (1)

Products: Hp: Support Assistant

1 product

Support Assistant

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Support Assistant	Before 9.11

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762

Source: hp-security-alert@hp.com

Vendor Advisory

https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.