Cross-Site Request Forgery Vulnerability in HP DeskJet Printers
CVE-2019-6319

8.1HIGH

Key Information:

Vendor: HP
Status: HP Deskjet 3630 All-in-one Printer Series
Vendor: CVE Published:; 9 January 2020

Summary

HP DeskJet 3630 All-in-One Printers exhibiting certain models are affected by a Cross-Site Request Forgery (CSRF) vulnerability, allowing attackers to exploit this weakness to perform unauthorized actions. This could lead to significant outcomes such as denial of service or misconfiguration of the device settings. Printers running firmware version SWP1FN1912BR or newer are particularly at risk, emphasizing the importance of patching and securing devices to safeguard against potential exploits.

Affected Version(s)

HP DeskJet 3630 All-in-One Printer series F5S43A - F5S57A

HP DeskJet 3630 All-in-One Printer series K4T93A - K4T99C

HP DeskJet 3630 All-in-One Printer series K4U00B - K4U03B

References

https://support.hp.com/us-en/document/c06308143

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2020
Vulnerability Reserved
Jan 15, 2019