Information Disclosure Risk in HP Card Readers B Models
CVE-2025-11998

6.8MEDIUM

Key Information:

Vendor: HP
Status: Card Readers B Model
Vendor: CVE Published:; 30 October 2025

What is CVE-2025-11998?

HP Card Readers B Models (X3D03B & Y7C05B) are susceptible to a vulnerability that facilitates information disclosure under specific conditions. This occurs when an NFC device, such as a smartphone or smartwatch, is near the card reader during card swipe events, potentially allowing previous user identities to be established and misused. It's crucial for users to ensure their NFC devices are secured and to monitor access to these card readers to mitigate the associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Card Readers B Model 1.0

References

https://support.hp.com/us-en/document/ish_13175687-131757...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Oct 30, 2025
Vulnerability Reserved
Oct 20, 2025

JSON

HP