HP LaserJet Professional M1210 MFP Series system root path privilege escalation |

June 15, 2022

NAME

HP LaserJet Professional M1210 MFP Series system root path privilege escalation

  • Platforms Affected:
    HP LaserJet Professional M1210 MFP Series 20180815_1
  • Risk Level:
    8.4
  • Exploitability:
    Unproven
  • Consequences:
    Gain Privileges

DESCRIPTION

HP LaserJet Professional M1210 MFP Series could allow a local attacker to gain elevated privileges on the system, caused by an unquoted service path in the system root path. An attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the application.

CVSS 3.0 Information

  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Access Vector: Local
  • Access Complexity: Low
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
  • Remediation Level: Unavailable

MITIGATION

No remedy available as of June 14, 2022.

  • Reference Link:
    https://www.exploit-db.com/exploits/50959
  • Reference Link:
    https://www.hp.com/us-en/home.html

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

image

[RANSOMHUB] – Ransomware Victim: allconstructiongroupwv[.]com

November 18, 2024
image

[FOG] – Ransomware Victim: Waters Truck and Tractor (waterstruck[.]com)

November 18, 2024
image

[HUNTERS] – Ransomware Victim: Dorner Law & Title Services

November 18, 2024
image

[AKIRA] – Ransomware Victim: H2OBX Waterpark

November 18, 2024
image

[AKIRA] – Ransomware Victim: HUTTER ACUSTIX

November 18, 2024