CVE-2025-0858

Summary

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure.

Affected Software

VendorProductVersion RangeStatus
HP, Inc.Certain Poly DevicesSee HP security bulletin reference for affected versionsaffected

Weaknesses

  • CWE-35: CWE-35: Path Traversal: '…/…//'

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References