How to fix CVE-2025-12785?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Review data exposure and access controls.

Is W1Y47A Firmware affected by CVE-2025-12785?

CVE-2025-12785 presents notable security risk, a information exposure vulnerability rated CVSS 6.9. Sensitive information could be exposed to unauthorized parties. Organizations should apply vendor updates when available and monitor for exploitation.

CVE-2025-12785

MEDIUM

2025-11-13 [email protected]

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:22 vuln.today

CVE Published

Nov 13, 2025 - 18:15 nvd

MEDIUM 6.9

Tags

Information Disclosure Hp W1Y47A Firmware 7Kw48A Firmware 7Kw49A Firmware 7Kw50A Firmware 7Kw51A Firmware 7Kw54A Firmware 7Kw55A Firmware 7Kw56A Firmware 7Kw57A Firmware 7Kw58A Firmware 7Kw59A Firmware 7Kw63A Firmware 7Kw64A Firmware 7Kw65A Firmware 7Kw66A Firmware 7Kw67A Firmware 7Kw68A Firmware 7Kw72A Firmware 7Kw73A Firmware 7Kw74A Firmware 7Kw75A Firmware 7Kw76A Firmware 7Kw77A Firmware 7Kw78A Firmware 7Kw79A Firmware 93M22A Firmware W1A28A Firmware W1A29A Firmware W1A30A Firmware W1A31A Firmware W1A32A Firmware W1A33A Firmware W1A34A Firmware W1A35A Firmware W1A38A Firmware W1A46A Firmware W1A47A Firmware W1A48A Firmware W1A51A Firmware W1A52A Firmware W1A53A Firmware W1A56A Firmware W1A57A Firmware W1A58A Firmware W1A59A Firmware W1A60A Firmware W1A63A Firmware W1A66A Firmware W1A75A Firmware W1A76A Firmware W1A77A Firmware W1A78A Firmware W1A79A Firmware W1A80A Firmware W1A81A Firmware W1A82A Firmware W1Y40A Firmware W1Y41A Firmware W1Y43A Firmware W1Y44A Firmware W1Y45A Firmware W1Y46A Firmware

Description

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.

Analysis

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical Context

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. Affected products include: Hp W1Y47A Firmware, Hp 7Kw48A Firmware, Hp 7Kw49A Firmware, Hp 7Kw50A Firmware, Hp 7Kw51A Firmware.

Affected Products

Hp W1Y47A Firmware, Hp 7Kw48A Firmware, Hp 7Kw49A Firmware, Hp 7Kw50A Firmware, Hp 7Kw51A Firmware.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +34

POC: 0

CVE-2025-12785 vulnerability details – vuln.today

Back

CVE-2025-12785

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-12785

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code