Remote Code Execution Vulnerability in HP LaserJet Printers
CVE-2025-26507

6.3MEDIUM

Key Information:

Vendor: HP, Inc.
Status: Certain HP Laserjet Pro, HP Laserjet Enterprise, HP Laserjet Managed Printers
Vendor: CVE Published:; 14 February 2025

Summary

Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers have a vulnerability that could allow attackers to execute arbitrary code or elevate privileges while processing PostScript print jobs. This could lead to unauthorized access and impact the integrity and confidentiality of printed documents. Users are urged to apply the latest security updates and follow recommended practices to mitigate risks associated with this vulnerability.

Affected Version(s)

Certain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers See HP security bulletin reference for affected versions

References

https://support.hp.com/us-en/document/ish_11953771-119537...

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 14, 2025
Vulnerability Reserved
Feb 11, 2025