Information Disclosure Vulnerability in HP DesignJet and PageWide XL Printers
CVE-2023-1526

4.6MEDIUM

Key Information:

Vendor: HP
Status: HP Designjet And Pagewide Xl
Vendor: CVE Published:; 28 April 2023

Summary

Certain models in the HP DesignJet and PageWide XL series are vulnerable to potential information disclosure. If the hard disk drive is physically removed from these printers, sensitive data could potentially be accessed by unauthorized individuals. It is crucial for users to ensure proper security measures are implemented to mitigate this risk. Users are encouraged to follow the vendor's recommended practices for safeguarding their devices.

Affected Version(s)

HP DesignJet and PageWide XL See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_7869666-7869691...

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 28, 2023
Vulnerability Reserved
Mar 20, 2023