CVE-2024-1695 (GCVE-0-2024-1695)

Vulnerability from cvelistv5 – Published: 2024-05-06 20:47 – Updated: 2025-03-13 13:56
VLAI?
Summary
A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability.
Severity ?
5.7 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H
CWE
Assigner
hp
References
Impacted products
Vendor Product Version
HP Inc. HP Application Enabling Software Driver Affected: See HP Security Bulletin reference for affected versions.
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:48:21.737Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.hp.com/us-en/document/ish_10555591-10555627-16/hpsbhf03932"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-1695",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-04T16:05:03.092558Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-13T13:56:03.944Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "HP Application Enabling Software Driver",
          "vendor": "HP Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "See HP Security Bulletin reference for affected versions."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-06T20:47:35.746Z",
        "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "shortName": "hp"
      },
      "references": [
        {
          "url": "https://support.hp.com/us-en/document/ish_10555591-10555627-16/hpsbhf03932"
        }
      ],
      "x_generator": {
        "engine": "cveClient/1.0.15"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
    "assignerShortName": "hp",
    "cveId": "CVE-2024-1695",
    "datePublished": "2024-05-06T20:47:35.746Z",
    "dateReserved": "2024-02-20T23:12:57.661Z",
    "dateUpdated": "2025-03-13T13:56:03.944Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-1695\",\"sourceIdentifier\":\"hp-security-alert@hp.com\",\"published\":\"2024-05-06T21:15:48.260\",\"lastModified\":\"2024-11-21T08:51:06.360\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una posible vulnerabilidad de seguridad en el controlador de software de habilitaci\u00f3n de aplicaciones de HP para ciertos productos de PC HP, que podr\u00eda permitir una escalada de privilegios. HP est\u00e1 lanzando actualizaciones de software para mitigar esta posible vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":5.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.2}]},\"references\":[{\"url\":\"https://support.hp.com/us-en/document/ish_10555591-10555627-16/hpsbhf03932\",\"source\":\"hp-security-alert@hp.com\"},{\"url\":\"https://support.hp.com/us-en/document/ish_10555591-10555627-16/hpsbhf03932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.hp.com/us-en/document/ish_10555591-10555627-16/hpsbhf03932\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:48:21.737Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-1695\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-04T16:05:03.092558Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-07T15:10:44.550Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"HP Inc.\", \"product\": \"HP Application Enabling Software Driver\", \"versions\": [{\"status\": \"affected\", \"version\": \"See HP Security Bulletin reference for affected versions.\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://support.hp.com/us-en/document/ish_10555591-10555627-16/hpsbhf03932\"}], \"x_generator\": {\"engine\": \"cveClient/1.0.15\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability.\"}], \"providerMetadata\": {\"orgId\": \"74586083-13ce-40fd-b46a-8e5d23cfbcb2\", \"shortName\": \"hp\", \"dateUpdated\": \"2024-05-06T20:47:35.746Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-1695\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-13T13:56:03.944Z\", \"dateReserved\": \"2024-02-20T23:12:57.661Z\", \"assignerOrgId\": \"74586083-13ce-40fd-b46a-8e5d23cfbcb2\", \"datePublished\": \"2024-05-06T20:47:35.746Z\", \"assignerShortName\": \"hp\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.