Hp Support Assistant vulnerabilities

CVE-2025-10578 [MEDIUM] CWE-269 CVE-2025-10578: A potential security vulnerability has been identified in the HP Support Assistant for versions prio A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.

CVE-2025-43019 [MEDIUM] CWE-269 CVE-2025-43019: A potential security vulnerability has been identified in the HP Support Assistant, which allows a l A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion.

CVE-2025-43026 [HIGH] CWE-281 CVE-2025-43026: A potential security vulnerability has been identified in the HP Support Assistant for versions prio A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.

CVE-2022-23453 [HIGH] CWE-276 CVE-2022-23453: Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabiliti Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.

CVE-2022-23455 [HIGH] CWE-269 CVE-2022-23455: Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabiliti Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.

CVE-2022-23454 [HIGH] CWE-276 CVE-2022-23454: Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabiliti Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.

CVE-2022-38395 [HIGH] CWE-427 CVE-2022-38395: HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fus HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.

CVE-2020-6917 [HIGH] CVE-2020-6917: Potential security vulnerabilities including compromise of integrity, and allowed communication with Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.

CVE-2020-6919 [HIGH] CVE-2020-6919: Potential security vulnerabilities including compromise of integrity, and allowed communication with Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.

CVE-2020-6918 [HIGH] CVE-2020-6918: Potential security vulnerabilities including compromise of integrity, and allowed communication with Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.

CVE-2020-6921 [HIGH] CVE-2020-6921: Potential security vulnerabilities including compromise of integrity, and allowed communication with Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.

CVE-2020-6922 [HIGH] CVE-2020-6922: Potential security vulnerabilities including compromise of integrity, and allowed communication with Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.

CVE-2020-6920 [MEDIUM] CVE-2020-6920: Potential security vulnerabilities including compromise of integrity, and allowed communication with Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.

CVE-2022-23456 [MEDIUM] CVE-2022-23456: Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software.

CVE-2019-6329 [HIGH] CVE-2019-6329: HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthoriz HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328.

CVE-2019-6328 [HIGH] CVE-2019-6328: HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthoriz HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329.

CVE-2018-5927 [HIGH] CVE-2018-5927: HP Support Assistant before 8.7.50.3 allows an unauthorized person with local access to load arbitra HP Support Assistant before 8.7.50.3 allows an unauthorized person with local access to load arbitrary code.

CVE-2017-2744 [MEDIUM] CWE-200 CVE-2017-2744: The vulnerability allows attacker to extract binaries into protected file system locations in HP Sup The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 12.7.26.1.

CVE-2016-2245 [CRITICAL] CWE-287 CVE-2016-2245: HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecifie HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.