Unauthorized Elevation of Privilege in HP LaserJet Software
CVE-2019-18916

7.8HIGH

Key Information:

Vendor: HP
Status: HP Color Laserjet Pro Mfp M277 Printers
Vendor: CVE Published:; 9 November 2021

What is CVE-2019-18916?

A security vulnerability has been identified in the HP LaserJet Solution Software that may allow unauthorized users to gain elevated privileges on client systems. This issue affects various HP LaserJet Printers, potentially enabling attackers to perform unauthorized actions. It is crucial for users to update their software to safeguard their devices against exploitation.

Affected Version(s)

HP Color LaserJet Pro MFP M277 printers before 14.0.15344.534

References

https://support.hp.com/us-en/document/c06586963

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 9, 2021
Vulnerability Reserved
Nov 12, 2019