Local Priv Escalation in HP Touchpoint Analytics Service <4.2.2439
CVE-2025-1697 Published on April 18, 2025
HP Touchpoint Analytics Service – Potential Escalation of Privilege
A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. This vulnerability could potentially allow a local attacker to escalate privileges. HP is providing software updates to mitigate this potential vulnerability.
Weakness Type
What is an insecure temporary file Vulnerability?
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE-2025-1697 has been classified to as an insecure temporary file vulnerability or weakness.
Affected Versions
HP, Inc. HP Touchpoint Analytics Service Version See HP security bulletin reference for affected versions is affected by CVE-2025-1697Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.