Unauthorized Device Reconfiguration in HP LaserJet Pro Printers
CVE-2021-3705

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP Laserjet Pro M501 Series J8h61a; HP Laserjet Pro M501 Series J8h60a
Vendor: CVE Published:; 1 November 2021

Summary

A security vulnerability in certain HP LaserJet Pro printers allows unauthorized users to reconfigure and reset the device. This poses a significant risk to sensitive data and printer functionality, as it could lead to unauthorized changes and manipulation of device settings. It is crucial for users to ensure that their devices are updated and properly secured to mitigate these risks.

Affected Version(s)

HP LaserJet Pro M501 Series J8H61A; HP LaserJet Pro M501 Series J8H60A before 20210810

References

https://support.hp.com/us-en/document/ish_4411563-4411589...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 1, 2021
Vulnerability Reserved
Aug 13, 2021