19 matches found
CVE-2019-6328
CVE-2019-6328 affects HP Support Assistant 8.7.50 and earlier. Connected exploit details describe a local privilege escalation via the HP Support Framework service: the HPSAObjUtil8 component changes permissions of XML files under C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA...
CVE-2019-6329
CVE-2019-6329 is a local privilege escalation affecting HP Support Assistant 8.7.50 and earlier. The connected exploit repository details a chain: when the user triggers the HP.SupportFramework.ServiceManager interface RunAnalysis, HPSAObjUtil8.exe runs with SYSTEM privileges and modifies permiss...
CVE-2022-23454
CVE-2022-23454 affects HP Support Assistant. The connected documents describe vulnerabilities enabling privilege escalation, integrity compromise, and unauthorized file modification, with an attack vector limited to local access and user interaction not required, yielding a high impact (CVSS v3.1...
CVE-2022-23456
CVE-2022-23456 relates to HP Support Assistant and is described in multiple sources as a potential arbitrary file deletion vulnerability. The connected Red Hat/EU ENISA/Nessus entries corroborate the issue title but do not introduce new technical details beyond what HP documents state. The HP adv...
CVE-2022-38395
Summary: CVE-2022-38395 affects HP Support Assistant that uses Fusion to launch HP Performance Tune-up. The underlying issue is a DLL hijacking vulnerability that could allow a local attacker to elevate privileges when Fusion starts the HP Performance Tune-up. What’s affected (supported by docume...
CVE-2022-23455
The CVE-2022-23455 entry concerns HP Support Assistant. Reported vulnerabilities include privilege escalation, integrity compromise, allowing communication with untrusted clients, and unauthorized modification of files. No exploit details are provided. Remediation guidance from the associated HP ...
CVE-2022-23453
CVE-2022-23453 affects HP Support Assistant. The HP advisory HPSBGN03762 documents multiple vulnerabilities in HP Support Assistant, including privilege escalation, integrity compromise, communication with untrusted clients, and unauthorized modification of files. The CVSS 3.1 metrics indicate a ...
CVE-2020-6920
CVE-2020-6920 affects HP Support Assistant. According to connected documents, multiple vulnerabilities have been identified in HP Support Assistant software, including privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of fil...
CVE-2020-6917
CVE-2020-6917 concerns HP Support Assistant with vulnerabilities that can compromise integrity and allow communication with untrusted clients. Connected sources describe authorization issues in HP Support Assistant and cross-referenced CVEs (including 6917) affecting multiple versions. The HP adv...
CVE-2020-6921
CVE-2020-6921 affects HP Support Assistant. The record documents potential security vulnerabilities including compromise of integrity and the ability to communicate with untrusted clients. No exploitation details are provided in the connected documents. The CVE entry is linked to HP’s advisory HP...
CVE-2025-43026
HP Support Assistant is affected in versions prior to 9.44.18.0 by a local privilege-escalation vulnerability via arbitrary file write. The issue is documented across multiple sources (NVD/NiST/Nessus plugin and vendor guidance) with a consistent remediation: upgrade to version 9.44.18.0 or later...
CVE-2020-6922
CVE-2020-6922 applies to HP Support Assistant with potential integrity compromise and exposure to untrusted clients. Connected records confirm multiple vulnerabilities in HP Support Assistant and point to the HP advisory HPSBGN03762 with guidance to update to the latest version; no specific fixed...
CVE-2016-2245
HP Support Assistant prior to 8.1.52.1 contains an authentication bypass vulnerability (CVE-2016-2245). Remote attackers could bypass authentication via unspecified vectors. Impact per sources indicates high confidentiality/integrity/availability concerns (CVSS v3 base score 9.8, critical). HP ha...
CVE-2020-6918
CVE-2020-6918 affects HP Support Assistant. The connected sources describe multiple vulnerabilities in HP Support Assistant software, including privilege escalation, integrity compromise, and the ability to communicate with untrusted clients. HP advises updating to the latest HP Support Assistant...
CVE-2020-6919
CVE-2020-6919 relates to HP Support Assistant vulnerabilities leading to potential integrity compromise and communication with untrusted clients. Documented issues include privilege escalation, unauthorized file modifications, and exposure of sensitive data. Exploitation details are not provided ...
CVE-2018-5927
CVE-2018-5927 affects HP Support Assistant prior to version 8.7.50.3. The HP advisory (C06242762) documents an arbitrary code execution risk via a DLL loading vulnerability exploitable by a local attacker with access to the host; the impact is local code execution with high impact on confidential...
CVE-2017-2744
HP Support Assistant (Windows) is affected by CVE-2017-2744, where an attacker could extract binaries into protected file-system locations. The issue affects the HP Support Assistant Framework prior to 12.7.26.1, enabling privilege escalation via manipulation of protected directories. HP’s adviso...
CVE-2025-43019
HP Support Assistant is affected by CVE-2025-43019, a local privilege-escalation vulnerability arising from arbitrary file deletion. Connected sources confirm the issue and relate it to the HP Support Assistant product lines, with HP’s advisory HPSBGN04031 noting affected versions and a minimum m...
CVE-2025-10578
CVE-2025-10578 affects HP Support Assistant, prior to version 9.47.41.0. The documented impact is local privilege escalation via an arbitrary file write. The connected sources consistently identify the affected product and version range, and recommend updating to 9.47.41.0 or later as the remedia...