CVE-2026-7539 | A potential security vulnerability has been identified in th… | CVSS 7.3 HIGH

Description

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability.

Metadata

CVE ID: CVE-2026-7539
State: PUBLISHED
Assigner: hp
Reserved: 2026-04-30 18:32 UTC
Published: 2026-06-24 19:47 UTC
Last updated: 2026-06-24 19:47 UTC
Primary CWE: CWE-379
CWE-379 Creation of temporary file in directory with insecur…
Vendor / Product: HP Inc. / HP Dock Accessory
Sources: cve.org · NVD

Severity & Metrics

7.3 HIGH CVSS 4.0

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected products (1)

Vendor	Product	Platform	Versions
HP Inc.	HP Dock Accessory	—	0 < <1.4.11.0

Weakness (CWE)

CWE	Source	Description
CWE-379	cna	CWE-379 Creation of temporary file in directory with insecure permissions

CVSS scores (1)

Score	Severity	Version	Source	Vector
7.3	HIGH	4.0	cna	CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

References (1)

https://support.hp.com/us-en/document/ish_15190804-15190818-16/hpsbhf04129