CVE-2022-23453

CWE-276Incorrect Default Permissions3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 91.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Support AssistantHP Inc. HP Support Assistant
Timeline
PublishedFeb 1

Description

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5hp_inc./hp_support_assistantSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

2
GHSA
GHSA-hmx8-973g-mf9c: Potential security vulnerabilities have been identified in HP Support Assistant2023-02-01
CVEList
CVE-2022-23453: Potential security vulnerabilities have been identified in HP Support Assistant2023-01-30
CVE-2022-23453 (HIGH CVSS 7.8) | Potential security vulnerabilities | cvebase.io