CVE-2024-28893

high

HPE

CVSS v3 Base Score

7.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

EPSS Score

0.4%

Exploitation probability in 30 days

Top 43% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Confidentiality

High

Integrity

High

Availability

High

Published: May 1, 2024 (743 days ago)

Last Modified: January 14, 2026

Vendor: HPE

Description

Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs).

CWE

CWE-94

Affected Products

hp softpaqs

References

🔗 support.hp.com 🔗 support.hp.com

CVE-2024-28893

Vulnerability Report

Description

CWE

Affected Products

References