Buffer Overflow in HP LaserJet Pro Products Leading to Remote Code Execution
CVE-2023-27972

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP Laserjet Pro
Vendor: CVE Published:; 28 April 2023

What is CVE-2023-27972?

Certain HP LaserJet Pro print products exhibit a vulnerability that may allow for buffer overflow, potentially leading to remote code execution. This flaw could be exploited by an attacker to execute arbitrary code on affected devices, compromising sensitive data and network integrity. It's crucial for users to apply the necessary updates and patches to mitigate risks associated with this issue, ensuring their printing environments remain secure.

Affected Version(s)

HP LaserJet Pro See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_7920078-7920104...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2023
Vulnerability Reserved
Mar 8, 2023