CNNVD-202512-384 Information

CNNVD ID

CNNVD-202512-384

Related CVE

CVE-2025-13492

• CNNVD Published: 2025-12-03

Description (Chinese)

HP Image Assistant是美国惠普（HP）公司的一款免费工具，可扫描计算机并安装推荐的BIOS更新、驱动程序和HP商用PC软件。 HP Image Assistant 5.3.3之前版本存在安全漏洞，该漏洞源于安装包时存在竞争条件，可能导致本地权限提升。

Description (English)

HP Image Assistant is a free U.S. Hewlett-Packard (HP) tool to scan computers and install recommended BIOS upgrades, drivers and HP commercial PC software. Prior to HP Image Assistant 5.3.3, there was a security loophole, which stemmed from competitive conditions at the time of the installation of the package, which could lead to an increase in local privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

惠普

Published

2025-12-03

Last Modified

2026-02-24

References

https://support.hp.com/us-en/document/ish_13505078-13505143-16/hpsbgn04078 https://access.redhat.com/security/cve/cve-2025-13492

Patch

https://ftp.ext.hp.com/pub/caps-softpaq/cmit/HPIA.html