Stack-Based Buffer Overflow in HP LaserJet Pro Printers
CVE-2023-35177

8.8HIGH

Key Information:

Vendor: HP
Status: HP Laserjet Pro
Vendor: CVE Published:; 30 June 2023

Summary

Certain HP LaserJet Pro print products are susceptible to a stack-based buffer overflow due to flaws in the compact font format parser. This vulnerability could allow an attacker to execute arbitrary code in the context of the affected printer, potentially compromising sensitive information and enabling further exploitation of the network. Users are advised to apply security patches and stay updated on mitigation strategies provided by HP.

Affected Version(s)

HP LaserJet Pro See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_8651888-8651916...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 30, 2023
Vulnerability Reserved
Jun 14, 2023