CVE-2025-43487

CWE-2503 documents3 sources
Severity
6.9MEDIUM
EPSS
0.0%
top 91.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Poly Clariti ManagerHP Inc. Poly Clariti Manager
Timeline
PublishedJul 23

Description

A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

Affected Packages2 packages

CVEListV5hp_inc./poly_clariti_managerSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

2
GHSA
GHSA-qpv3-7h3c-xw8v: A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 102025-07-23
CVEList
Poly Clariti Manager - Multiple Security Vulnerabilities2025-07-22
CVE-2025-43487 (MEDIUM CVSS 6.9) | A potential privilege escalation th | cvebase.io