CVE-2025-43487 | THREATINT

Description

A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update.

PUBLISHED Reserved 2025-04-16 | Published 2025-07-22 | Updated 2025-07-23 | Assigner hp

MEDIUM: 6.9CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

Problem types

CWE-250: Execution with Unnecessary Privileges

Product status

Default status

unknown

See HP Security Bulletin reference for affected versions.

affected

References

support.hp.com/...ument/ish_12781425-12781447-16/hbsbpy04037

cve.org (CVE-2025-43487)

nvd.nist.gov (CVE-2025-43487)

Download JSON