Vulnerability Description
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration changes made using the provisioning server or the device WebUI.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Poly Videoos | < 4.6.1-444242 |
| Hp | Poly Eagleeye Cube | - |
| Hp | Poly Eagleeye Iv | - |
| Hp | Poly Studio A2 | - |
| Hp | Poly Studio E60 | - |
| Hp | Poly Studio E70 | - |
| Hp | Poly Studio G62 | - |
| Hp | Poly Studio G7500 | - |
| Hp | Poly Studio Usb | - |
| Hp | Poly Studio X30 | - |
| Hp | Poly Studio X32 | - |
| Hp | Poly Studio X50 | - |
| Hp | Poly Studio X52 | - |
| Hp | Poly Studio X70 | - |
| Hp | Poly Studio X72 | - |
| Hp | Poly Tcos | < 6.6.1-7001859 |
| Hp | Poly Tc10 | - |
| Hp | Poly Tc8 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-14432?
CVE-2025-14432 is a vulnerability with a CVSS score of 4.9 (MEDIUM). In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to...
How severe is CVE-2025-14432?
CVE-2025-14432 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-14432?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Poly Videoos, Hp Poly Eagleeye Cube, Hp Poly Eagleeye Iv, Hp Poly Studio A2, Hp Poly Studio E60.