Multiple HP printers buffer overflow | CVE-2022-28721
NAME
Multiple HP printers buffer overflow
- Platforms Affected:
HP DeskJet Ink Advantage 5000 All-in-One Printer series
HP DeskJet Ink Advantage 5200 All-in-One Printer series
HP ENVY Photo 6200 All-in-One Printer series
HP ENVY Photo 7100 All-in-One Printer series
HP ENVY Photo 7800 All-in-One Printer series
HP PageWide 352dw Printer
HP PageWide 377dw Multifunction Printer
HP PageWide Managed P55250dw Printer series
HP PageWide Managed P57750dw Multifunction Printer series
HP Color LaserJet Pro M453
HP Color LaserJet Pro M454
HP Color LaserJet Pro MFP M478
HP Color LaserJet Pro MFP M479 - Risk Level:
9.8 - Exploitability:
Unproven - Consequences:
Gain Access
DESCRIPTION
Multiple HP printers are vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS 3.0 Information
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Access Vector: Network
- Access Complexity: Low
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
- Remediation Level: Official Fix
MITIGATION
Refer to HPSBPI03810 rev. 1 for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://support.hp.com/us-en/document/ish_6839789-6839813-16/hpsbpi03810 - Reference Link:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28721
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon using the button below
To keep up to date follow us on the below channels.
