Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hpHP, HP Product Security Response Team (PSRT)HP:C05648974
HistoryAug 28, 2017 - 12:00 a.m.

HPSBGN03561 rev.2 - HP Support Assistant Potential Escalation of Privilege

2017-08-2800:00:00
HP, HP Product Security Response Team (PSRT)
support.hp.com
8

EPSS

0

Percentile

12.6%

JSON

Potential Security Impact

Escalation of privilege and unauthorized modification of directories or files.

Source: HP, HP Product Security Response Team (PSRT)

Reported by: Danny Wei of Tencent’s Xuanwu Lab

VULNERABILITY SUMMARY

The vulnerability allows attacker to extract binaries into protected file system locations.

RESOLUTION

A patch was released on July 11, 2017 which will automatically update HP Support Assistant clients. This patch is applied in version 12.7.26.1 of the Framework which is part of HP Support Assistant.

To manually update HP Support Assistant to the latest version, please follow the steps below:

  1. Open HP Support Assistant from the start menu.

  2. Click About in the top right.

  3. The latest version of the Framework containing the fix is 12.7.27.15.

  4. If this version or later of the Framework is not installed, select Check for latest version to install it.

Related

openvas 1
cvelist 1
cve 1
nvd 1
prion 1
openvas
openvas
HP Support Assistant Privilege Escalation Vulnerability - Windows
2018-02-23 00:00:00
cvelist
cvelist
CVE-2017-2744
2018-01-23 16:00:00
cve
cve
CVE-2017-2744
2018-01-23 16:29:01
nvd
nvd
CVE-2017-2744
2018-01-23 16:29:01
prion
prion
Design/Logic Flaw
2018-01-23 16:29:00

EPSS

0

Percentile

12.6%

JSON
Related for HP:C05648974
openvas1cvelist1cve1nvd1prion1