CVE-2023-26298

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jun 12, 2023

Updated: Jan 6, 2025

CWE ID 77

Summary

CVE-2023-26298 is a vulnerability affecting previous versions of HP Device Manager. This issue could enable an attacker to execute command injection and possibly elevate privileges, potentially compromising the affected system. HP Device Manager, a utility used for managing and configuring HP devices, is the target of this vulnerability. The latest version, HPDM 5.0.10, has addressed this security concern. It is highly recommended that users update their HP Device Manager software to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HP Device Manager

Affected Vendors

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/q1CS4s
https://www.cve.org/CVERecord?id=CVE-2023-26298
https://nvd.nist.gov/vuln/detail/CVE-2023-26298

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners