Buffer Overflow Vulnerability Affecting HP LaserJet Pro Products
CVE-2023-35178

8.8HIGH

Key Information:

Vendor: HP
Status: HP Laserjet Pro
Vendor: CVE Published:; 30 June 2023

Summary

Certain HP LaserJet Pro print products are potentially vulnerable to a buffer overflow condition that may occur when a GET request is executed to initiate scan jobs. If exploited, this vulnerability could allow an attacker to inject arbitrary code, potentially leading to unauthorized access or denial of service. Users are encouraged to review their printer firmware and implement necessary updates to safeguard against such vulnerabilities.

Affected Version(s)

HP LaserJet Pro See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_8651729-8651769...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 30, 2023
Vulnerability Reserved
Jun 14, 2023