1 results (0.004 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. This vulnerability may allow a local attacker to execute arbitrary code via an HP System Event Utility system service. Se ha identificado una posible vulnerabilidad de seguridad con determinadas versiones de HP System Event Utility versión anterior a 1.4.33. Esta vulnerabilidad puede permitir a un atacante local ejecutar código arbitrario por medio de un servicio de sistema HP System Event Utility. The HP System Event service "HPMSGSVC.exe" will load an arbitrary EXE and execute it with SYSTEM integrity. • https://www.exploit-db.com/exploits/48057 http://seclists.org/fulldisclosure/2020/Feb/8 https://support.hp.com/us-en/document/c06559359 • CWE-428: Unquoted Search Path or Element •