CVE-2025-43487

A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hp:poly_clariti_manager:*:*:*:*:*:*:*:*

History

02 Oct 2025, 17:41

Type Values Removed Values Added
References () https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037 - () https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037 - Vendor Advisory
CPE cpe:2.3:a:hp:poly_clariti_manager:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.8
First Time Hp
Hp poly Clariti Manager

25 Jul 2025, 15:29

Type Values Removed Values Added
Summary
  • (es) Se ha identificado una posible escalada de privilegios mediante una vulnerabilidad de Sudo en Poly Clariti Manager para versiones anteriores a la 10.12.2. Esta falla de firmware no implementa correctamente los controles de acceso. HP ha solucionado el problema en la última actualización de software.

23 Jul 2025, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-07-23 00:15

Updated : 2025-10-02 17:41


NVD link : CVE-2025-43487

Mitre link : CVE-2025-43487

CVE.ORG link : CVE-2025-43487


JSON object : View

Products Affected

hp

  • poly_clariti_manager
CWE
CWE-250

Execution with Unnecessary Privileges