CVE-2025-43487 MEDIUM

CVE-2025-43487: Poly Clariti Manager - Multiple Security Vulnerabilities

Vendor Hp Inc.
Product Poly Clariti Manager
Weakness CWE-250
Published July 22, 2025
Last update July 23, 2025

CVSS base score

6.9/10
Attack vector Adjacent
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

What the vulnerability does

01Description

A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update.

Key dates

02Disclosure timeline

July 22, 2025 CVE published
July 23, 2025 Record updated