Cyber Resilience

CVE-2025-11531

Medium

Published: 09 December 2025

Published
09 December 2025
Modified
21 January 2026
KEV Added
Patch
CVSS Score v4 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0009 26.2th percentile
Risk Priority 10 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-11531 is a medium-severity Path Traversal (CWE-22) vulnerability in Hp Omen Gaming Hub. Its CVSS base score is 4.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 26.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-11531 is a path traversal vulnerability (CWE-22) affecting HP System Event Utility and Omen Gaming Hub. These components might allow execution of certain files outside of their restricted paths, enabling potential unauthorized access or code execution. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its network accessibility, low attack complexity, and significant impacts on confidentiality, integrity, and availability.

An attacker with low privileges (PR:L) on the affected system can exploit this vulnerability over the network (AV:N) with low complexity and no user interaction required. Successful exploitation allows execution of arbitrary files outside the intended restricted paths, potentially granting high-level compromise including data theft, modification, or system disruption.

The HP security bulletin at https://support.hp.com/us-en/document/ish_13537533-13537555-16/hpsbgn04079 details the remediation, which applies to HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0. Security practitioners should prioritize updating to these versions to mitigate the issue.

EU & UK References

Vulnerability details

HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of their restricted paths. This potential vulnerability was remediated with HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

Path traversal enables low-privilege remote attackers to execute arbitrary files, directly facilitating exploitation for privilege escalation (T1068) and exploitation of remote services (T1210).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-2915Same product: Hp System Event Utility
CVE-2025-26507Same vendor: Hp
CVE-2025-40898Shared CWE-22
CVE-2026-8631Same vendor: Hp
CVE-2025-26506Same vendor: Hp
CVE-2026-8632Same vendor: Hp
CVE-2026-20180Shared CWE-22
CVE-2025-40549Shared CWE-22
CVE-2025-62156Shared CWE-22
CVE-2025-46120Shared CWE-22

Affected Assets

hp
omen gaming hub
≤ 1101.2511.101.0
hp
system event utility
≤ 3.2.12

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the path traversal vulnerability by requiring timely identification, reporting, and patching of flaws like this one, with remediation via specific HP software updates.

prevent

Enforces approved authorizations for access to files and paths, preventing execution of arbitrary files outside restricted directories as exploited in this CVE.

prevent

Validates inputs to applications like HP System Event Utility and Omen Gaming Hub, blocking path traversal sequences that enable unauthorized file execution.

References