CVE-2016-2246
HIGHHP ThinPro 4.4-6.1 - Privilege Escalation via Keyboard Layout Control Panel
Title source: llmDescription
HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors.
References (2)
Core 2
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_hp
http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05291676
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93904
Scores
CVSS v3
7.8
EPSS
0.0009
EPSS Percentile
24.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (7)
hp/thinpro
4.4
hp/thinpro
5.0
hp/thinpro
5.1
hp/thinpro
5.2
hp/thinpro
5.2.1
hp/thinpro
6.0
hp/thinpro
6.1
Published
Dec 29, 2016
Tracked Since
Feb 18, 2026