CVE-2025-43019

CWE-269Improper Privilege Management3 documents3 sources
Severity
5.8MEDIUM
EPSS
0.0%
top 97.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Inc. HP Support AssistantHP Support Assistant
Timeline
PublishedJul 8

Description

A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

NVDhp/support_assistant9.46.17.0
CVEListV5hp_inc./hp_support_assistantSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

2
CVEList
HP Support Assistant – Potential Escalation of Privilege2025-07-08
GHSA
GHSA-8fqh-pm2q-8h5v: A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitr2025-07-08
CVE-2025-43019 (MEDIUM CVSS 5.8) | A potential security vulnerability | cvebase.io