Skip to main content

W1Y47A Firmware CVE-2025-12785

MEDIUM
Information Exposure (CWE-200)
2025-11-13 hp-security-alert@hp.com
Information Disclosure HP W1Y47A Firmware 7Kw48A Firmware 7Kw49A Firmware 7Kw50A Firmware 7Kw51A Firmware 7Kw54A Firmware 7Kw55A Firmware 7Kw56A Firmware 7Kw57A Firmware 7Kw58A Firmware 7Kw59A Firmware 7Kw63A Firmware 7Kw64A Firmware 7Kw65A Firmware 7Kw66A Firmware 7Kw67A Firmware 7Kw68A Firmware 7Kw72A Firmware 7Kw73A Firmware 7Kw74A Firmware 7Kw75A Firmware 7Kw76A Firmware 7Kw77A Firmware 7Kw78A Firmware 7Kw79A Firmware 93M22A Firmware W1A28A Firmware W1A29A Firmware W1A30A Firmware W1A31A Firmware W1A32A Firmware W1A33A Firmware W1A34A Firmware W1A35A Firmware W1A38A Firmware W1A46A Firmware W1A47A Firmware W1A48A Firmware W1A51A Firmware W1A52A Firmware W1A53A Firmware W1A56A Firmware W1A57A Firmware W1A58A Firmware W1A59A Firmware W1A60A Firmware W1A63A Firmware W1A66A Firmware W1A75A Firmware W1A76A Firmware W1A77A Firmware W1A78A Firmware W1A79A Firmware W1A80A Firmware W1A81A Firmware W1A82A Firmware W1Y40A Firmware W1Y41A Firmware W1Y43A Firmware W1Y44A Firmware W1Y45A Firmware W1Y46A Firmware
6.9
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 19:22 vuln.today
CVE Published
Nov 13, 2025 - 18:15 nvd
MEDIUM 6.9

DescriptionNVD

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.

AnalysisAI

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. Affected products include: Hp W1Y47A Firmware, Hp 7Kw48A Firmware, Hp 7Kw49A Firmware, Hp 7Kw50A Firmware, Hp 7Kw51A Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

More from same product – last 7 days

CVE-2026-42626
5.9 May 22

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 (JetD

Share

CVE-2025-12785 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy