Skip to main content

P4C78A Firmware CVE-2022-28722

CRITICAL
Classic Buffer Overflow (CWE-120)
2022-09-26 hp-security-alert@hp.com
HP Buffer Overflow P4C78A Firmware P4C85A Firmware T3P03A Firmware P4C86A Firmware P4C81A Firmware P4C82A Firmware P4C84A Firmware T0G25A Firmware T0G26A Firmware J7K33A Firmware T0F30A Firmware T0F32A Firmware T0F38A Firmware T0F31A Firmware J7K37A Firmware J7K38A Firmware J7K35A Firmware J7K39A Firmware T0F28A Firmware T0F36A Firmware J7K34A Firmware T0F33A Firmware T0F39A Firmware T0F34A Firmware T0F35A Firmware J7K40A Firmware J7K36A Firmware J7K42A Firmware J7K41A Firmware T0F29A Firmware T0F37A Firmware T0F40A Firmware G5j56a Firmware Y0s18a Firmware L3t99a Firmware Y0s19a Firmware G5j38a Firmware T1p99a Firmware D9l63a Firmware D9l64a Firmware J3p65a Firmware J3p66a Firmware J3p67a Firmware J3p68a Firmware T0g70a Firmware D9l18a Firmware M9l66a Firmware M9l67a Firmware T0g46a Firmware J6x76a Firmware J6x78a Firmware J6x80a Firmware K7s37a Firmware M9l70a Firmware J6x77a Firmware J6x81a Firmware J6x79a Firmware K7s38a Firmware T0g47a Firmware T0g48a Firmware T0g49a Firmware M9l65a Firmware D9l20a Firmware K7s32a Firmware D9l21a Firmware K7s42a Firmware T0g65a Firmware K7s39a Firmware J6x83a Firmware K7s43a Firmware K7s40a Firmware K7s41a Firmware J6U57A Firmware J9V80A Firmware J6U55A Firmware J6U51B Firmware J6U55B Firmware J9V82A Firmware W1B28A Firmware Y3Z45A Firmware W1B29A Firmware Y3Z47A Firmware Y3Z57A Firmware W1B33A Firmware W1B39A Firmware W1B37A Firmware W1B38A Firmware D3Q15A Firmware D3Q16A Firmware D3Q19A Firmware D3Q20A Firmware D3Q17A Firmware D3Q21A Firmware K9Z76A Firmware Y3Z44A Firmware A7W93A Firmware Y3Z46A Firmware Y3Z54A Firmware W1B31A Firmware
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 26, 2022 - 15:15 nvd
CRITICAL 9.8

DescriptionNVD

Certain HP Print Products are potentially vulnerable to Buffer Overflow.

AnalysisAI

Certain HP Print Products are potentially vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Certain HP Print Products are potentially vulnerable to Buffer Overflow. Affected products include: Hp P4C78A Firmware, Hp P4C85A Firmware, Hp T3P03A Firmware, Hp P4C86A Firmware, Hp P4C81A Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

Share

CVE-2022-28722 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy