MEDIUM🇬🇧 English

CVE-2025-13492

CVSS 5.4v4.0pub. 2025-12-03upd. 2025-12-05

A potential security vulnerability has been identified in HP Image Assistant for versions prior to 5.3.3. The vulnerability could potentially allow a local attacker to escalate privileges via a race condition when installing packages.

oryginał EN
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • HP Image Assistant

    APP
    Hp
    < 5.3.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPERace Condition
CWE
Referencje

Powiązane podatności

CVE-2023-32673CRITICAL9.8ten sam produkt

Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmwar...

CVE-2023-5739HIGH7.8ten sam produkt

Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to elevation of privilege.

CVE-2017-5638CRITICAL9.8⚠ KEVten sam vendor

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect ex...

CVE-2015-3113CRITICAL9.8⚠ KEVten sam vendor

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on ...

CVE-2013-4810CRITICAL9.8⚠ KEVten sam vendor

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application ...