hp SA <9.47.41: Local Priv Esc via File Write
CVE-2025-10578 Published on October 1, 2025
HP Support Assistant - Potential Escalation of Privilege
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
Weakness Type
Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2025-10578
Want to know whenever a new CVE is published for HP Support Assistant? stack.watch will email you.
Affected Versions
HP Inc. HP Support Assistant Version See HP Security Bulletin reference for affected versions. is unknown by CVE-2025-10578Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.