Skip to main content

Laserjet Pro M453 M454 W1Y40A Firmware CVE-2022-24292

CRITICAL
2022-03-23 hp-security-alert@hp.com
Information Disclosure RCE HP Denial Of Service Laserjet Pro M453 M454 W1Y40A Firmware Laserjet Pro M453 M454 W1Y41A Firmware Laserjet Pro M453 M454 W1Y46A Firmware Laserjet Pro M453 M454 W1Y47A Firmware Laserjet Pro M453 M454 W1Y44A Firmware Laserjet Pro M453 M454 W1Y45A Firmware Laserjet Pro M453 M454 W1Y43A Firmware W1A75A Firmware W1A76A Firmware W1A77A Firmware W1A81A Firmware W1A82A Firmware W1A79A Firmware W1A80A Firmware W1A78A Firmware Laserjet Pro M304 M305 W1A66A Firmware Laserjet Pro M304 M305 W1A46A Firmware Laserjet Pro M304 M305 W1A47A Firmware Laserjet Pro M304 M305 W1A48A Firmware Laserjet Pro M304 M305 W1A51A Firmware Laserjet Pro M304 M305 W1A53A Firmware Laserjet Pro M304 M305 W1A56A Firmware Laserjet Pro M304 M305 W1A63A Firmware Laserjet Pro M304 M305 W1A52A Firmware Laserjet Pro M304 M305 W1A58A Firmware Laserjet Pro M304 M305 W1A59A Firmware Laserjet Pro M304 M305 W1A60A Firmware Laserjet Pro M304 M305 W1A57A Firmware Laserjet Pro M404 M405 93M22A Firmware Laserjet Pro Mfp M428 M429 W1A28A Firmware Laserjet Pro Mfp M428 M429 W1A31A Firmware Laserjet Pro Mfp M428 M429 W1A33A Firmware Laserjet Pro Mfp M428 M429 F W1A29A Firmware Laserjet Pro Mfp M428 M429 F W1A32A Firmware Laserjet Pro Mfp M428 M429 F W1A30A Firmware Laserjet Pro Mfp M428 M429 F W1A38A Firmware Laserjet Pro Mfp M428 M429 F W1A34A Firmware Laserjet Pro Mfp M428 M429 F W1A35A Firmware Pagewide 352Dw J6U57A Firmware Pagewide 377Dw J9V80A Firmware Pagewide Managed P55250Dw J6U55A Firmware Pagewide Managed P55250Dw J6U51B Firmware Pagewide Managed P55250Dw J6U55B Firmware Pagewide Managed P57750Dw J9V82A Firmware Pagewide Pro 452Dn D3Q15A Firmware Pagewide Pro 452Dw D3Q16A Firmware Pagewide Pro 477Dn D3Q19A Firmware Pagewide Pro 477Dw D3Q20A Firmware Pagewide Pro 552Dw D3Q17A Firmware Pagewide Pro 577Dw D3Q21A Firmware Pagewide Pro 577Z K9Z76A Firmware Officejet Pro 8210 D9L63A Firmware Officejet Pro 8210 D9L64A Firmware Officejet Pro 8210 J3P65A Firmware Officejet Pro 8210 J3P66A Firmware Officejet Pro 8210 J3P67A Firmware Officejet Pro 8210 J3P68A Firmware Officejet Pro 8216 T0G70A Firmware Officejet Pro 8730 D9L20A Firmware Officejet Pro 8730 K7S32A Firmware Officejet Pro 8740 D9L21A Firmware Officejet Pro 8740 K7S42A Firmware Officejet Pro 8740 T0G65A Firmware Officejet Pro 8740 K7S39A Firmware Officejet Pro 8740 J6X83A Firmware Officejet Pro 8740 K7S43A Firmware Officejet Pro 8740 K7S40A Firmware Officejet Pro 8740 K7S41A Firmware
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 23, 2022 - 20:15 nvd
CRITICAL 9.8

DescriptionNVD

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

AnalysisAI

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Affected products include: Hp Laserjet Pro M453-M454 W1Y40A Firmware, Hp Laserjet Pro M453-M454 W1Y41A Firmware, Hp Laserjet Pro M453-M454 W1Y46A Firmware, Hp Laserjet Pro M453-M454 W1Y47A Firmware, Hp Laserjet Pro M453-M454 W1Y44A Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2022-24292 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy