CVE-2026-7539 PUBLISHED

HP Dock Accessory WMI Provider Installer Security Update

Assigner: hp
Reserved: 30.04.2026 Published: 24.06.2026 Updated: 25.06.2026

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CVSS Score: 7.3

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	High	Confidentiality	High
Attack Complexity	High	Integrity	High	Integrity	High
Attack Requirements	Present	Availability	High	Availability	High
Privileges Required	Low
User Interaction	Passive

CVSS 4.0

Product Status

Vendor	HP Inc.
Product	HP Dock Accessory
Versions	Default: unaffected affected from 0 to <1.4.11.0 (excl.)

References

https://support.hp.com/us-en/document/ish_15190804-15190818-16/hpsbhf04129

Problem Types

CWE-379 Creation of temporary file in directory with insecure permissions CWE