.. / CVE-2024-27460

Exploit for HP Plantronics Hub 3.25.1 - Local Privilege Escalation (CVE-2024-27460)

Description:

HP Plantronics Hub 3.25.1 suffers from a bug that allows low privileged users to perform arbitrary file read as SYSTEM on the machine where the application is installed. Moreover, it is possible to abuse this flaw to escalate privileges to the SYSTEM user.

Affected Products:

Proof of Concept

PoC exploits

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-27460
https://mantodeasecurity.de/en/2024/05/cve-2024-27460-plantronics-hub-lpe/