CVE-2025-43017CRITICAL 9.8EPSS p12.8%

CVE-2025-43017CVE-2025-43017

Description

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.22% probability of exploitation · percentile 12.8% · 2026-06-19T12:03:05Z
Published2025-10-28
Last modified2026-01-21

Underlying weaknesses· 1

CWE-250

References

  1. https://support.hp.com/us-en/document/ish_13164593-13164617-16/hpsbhf04066

1

TypeTargetConfidenceTier
WeaknessExecution with Unnecessary Privilegescwe-2500%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-27086
CVE
CVE-2025-37093
CVE
CVE-2025-37107
CVE
CVE-2025-43728
CVE
CVE-2025-37106
CVE
CVE-2025-3319
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.