CVE-2025-11531

High

Published: 09 December 2025

Published

09 December 2025

Modified

21 January 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0008 24.3th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-11531 is a high-severity Path Traversal (CWE-22) vulnerability in Hp Omen Gaming Hub. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 24.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly addresses the path traversal vulnerability by requiring timely identification, reporting, and patching of flaws like this one, with remediation via specific HP software updates.

AC-3 Access Enforcement good match

prevent

Enforces approved authorizations for access to files and paths, preventing execution of arbitrary files outside restricted directories as exploited in this CVE.

SI-10 Information Input Validation good match

prevent

Validates inputs to applications like HP System Event Utility and Omen Gaming Hub, blocking path traversal sequences that enable unauthorized file execution.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

T1210 Exploitation of Remote Services Lateral Movement

Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.

attack.mitre.org →

Why these techniques?

Path traversal enables low-privilege remote attackers to execute arbitrary files, directly facilitating exploitation for privilege escalation (T1068) and exploitation of remote services (T1210).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of their restricted paths. This potential vulnerability was remediated with HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0.

Deeper analysisAI

CVE-2025-11531 is a path traversal vulnerability (CWE-22) affecting HP System Event Utility and Omen Gaming Hub. These components might allow execution of certain files outside of their restricted paths, enabling potential unauthorized access or code execution. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its network accessibility, low attack complexity, and significant impacts on confidentiality, integrity, and availability.

An attacker with low privileges (PR:L) on the affected system can exploit this vulnerability over the network (AV:N) with low complexity and no user interaction required. Successful exploitation allows execution of arbitrary files outside the intended restricted paths, potentially granting high-level compromise including data theft, modification, or system disruption.

The HP security bulletin at https://support.hp.com/us-en/document/ish_13537533-13537555-16/hpsbgn04079 details the remediation, which applies to HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0. Security practitioners should prioritize updating to these versions to mitigate the issue.