Remote Code Execution Vulnerability in HP Print Products
CVE-2022-28721

9.8CRITICAL

Key Information:

Vendor: HP
Status: Certain HP Inkjet Printers, HP Laserjet Pro Printers, HP Pagewide Pro Printers.
Vendor: CVE Published:; 26 September 2022

Summary

Certain HP Print Products may allow an unauthorized attacker to execute arbitrary code remotely. This vulnerability poses significant security risks, enabling potential exploitation by malicious actors. Users are advised to review their device settings and updates to mitigate the threat.

Affected Version(s)

Certain HP inkjet printers, HP LaserJet Pro printers, HP PageWide Pro printers. Multiple

References

https://support.hp.com/us-en/document/ish_6839789-6839813...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 26, 2022
Vulnerability Reserved
Apr 5, 2022