CVE-2022-23455

HIGH

HP Support Assistant < 9.11 - Privilege Escalation and Unauthorized File Modification

Title source: llm

Description

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762

Scores

CVSS v3 7.8

EPSS 0.0003

EPSS Percentile 8.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (1)

hp/support_assistant < 9.11

Published Feb 01, 2023

Tracked Since Feb 18, 2026