Potential Information Disclosure and Remote Code Execution in HP Print Devices
CVE-2022-24291

7.5HIGH

Key Information:

Vendor: HP
Status: HP Laserjet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
Vendor: CVE Published:; 23 March 2022

Summary

Certain HP Print devices may be susceptible to vulnerabilities that could allow attackers to gain unauthorized access to sensitive information, cause denial of service, or execute arbitrary code remotely. This exposes users to significant security risks, emphasizing the importance of immediate attention to security updates and patches for affected models.

Affected Version(s)

HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers before 002_2208A

HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers before 2205D

HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers before 001.2210B

References

https://support.hp.com/us-en/document/ish_5950417-5950443-16

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 23, 2022
Vulnerability Reserved
Feb 1, 2022