Refine your search
2 vulnerabilities found for HP System Event Utility by HP Inc
CVE-2026-2915 (GCVE-0-2026-2915)
Vulnerability from cvelistv5
Published
2026-03-03 19:25
Modified
2026-03-03 19:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- HP System Event Utility – Denial of Service
Summary
HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability was
remediated with HP System Event Utility version 3.2.16.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc | HP System Event Utility |
Version: 0 < 3.2.16 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T19:35:22.308327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T19:36:10.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "HP System Event Utility",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "3.2.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp_inc:hp_system_event_utility:*:*:windows:*:*:*:*:*",
"versionEndExcluding": "3.2.16",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability was\n remediated with HP System Event Utility version 3.2.16."
}
],
"value": "HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability was\n remediated with HP System Event Utility version 3.2.16."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HP System Event Utility \u2013 Denial of Service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T19:25:56.542Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_14271963-14271996-16/hpsbgn04097"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HP System Event Utility \u2013 Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2026-2915",
"datePublished": "2026-03-03T19:25:56.542Z",
"dateReserved": "2026-02-20T20:33:06.903Z",
"dateUpdated": "2026-03-03T19:36:10.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11531 (GCVE-0-2025-11531)
Vulnerability from cvelistv5
Published
2025-12-09 18:29
Modified
2025-12-09 19:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
HP System Event Utility and Omen Gaming Hub might allow execution of
certain files outside of their restricted paths. This
potential vulnerability was remediated with HP System
Event Utility version 3.2.12 and Omen Gaming Hub version
1101.2511.101.0.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| HP Inc | HP System Event Utility |
Version: 0 < 3.2.12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11531",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T19:25:57.896127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:26:04.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "HP System Event Utility",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "3.2.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Omen Gaming Hub",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "1101.2511.101.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp_inc:hp_system_event_utility:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.12",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp_inc:omen_gaming_hub:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1101.2511.101.0",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HP System Event Utility and Omen Gaming Hub might allow execution of \ncertain files outside of their restricted paths. This\n potential vulnerability was remediated with HP System \nEvent Utility version 3.2.12 and Omen Gaming Hub version \n1101.2511.101.0."
}
],
"value": "HP System Event Utility and Omen Gaming Hub might allow execution of \ncertain files outside of their restricted paths. This\n potential vulnerability was remediated with HP System \nEvent Utility version 3.2.12 and Omen Gaming Hub version \n1101.2511.101.0."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T18:29:51.181Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_13537533-13537555-16/hpsbgn04079"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HP System Event Utility and Omen Gaming Hub \u2013 Potential Arbitrary Code Execution",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2025-11531",
"datePublished": "2025-12-09T18:29:51.181Z",
"dateReserved": "2025-10-08T19:07:15.960Z",
"dateUpdated": "2025-12-09T19:26:04.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}