CVE-2025-26506

CRITICAL
2025-02-14 [email protected]
9.2
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:26 vuln.today
CVE Published
Feb 14, 2025 - 17:15 nvd
CRITICAL 9.2

Tags

Buffer Overflow RCE Stack Overflow Hp 499Q9E Firmware 499Q9F Firmware 499R0A Firmware 499R0E Firmware 499R0F Firmware 4Ra80A Firmware 4Ra80E Firmware 4Ra80F Firmware 4Ra81A Firmware 4Ra81E Firmware 4Ra81F Firmware 4Ra81Fr Firmware 4Ra82A Firmware 4Ra82E Firmware 4Ra82F Firmware 4Ra82Fr Firmware 4Ra83A Firmware 4Ra83E Firmware 4Ra83F Firmware 4Ra84A Firmware 4Ra84E Firmware 4Ra84F Firmware 4Ra85A Firmware 4Ra85E Firmware 4Ra85F Firmware 4Ra85V Firmware 4Ra86A Firmware 4Ra86E Firmware 4Ra86F Firmware 4Ra87A Firmware 4Ra87E Firmware 4Ra87F Firmware 4Ra88A Firmware 4Ra88E Firmware 4Ra88F Firmware 4Ra89A Firmware 4Ra89V Firmware 5Hh48A Firmware 5Hh48V Firmware 5Hh51A Firmware 499M6A Firmware 499M7A Firmware 5Hh52A Firmware 5Hh53A Firmware 5Hh59A Firmware 5Hh64A Firmware 5Hh64E Firmware 5Hh64F Firmware 5Hh65A Firmware 5Hh66A Firmware 5Hh67A Firmware 5Hh72A Firmware 5Hh73A Firmware 74P25A Firmware 74P26A Firmware 74P27A Firmware 74P28A Firmware 74T92A Firmware 74T92E Firmware 74T92F Firmware 759V0E Firmware 759V0F Firmware 759V1E Firmware 759V1F Firmware 759V2E Firmware 759V2F Firmware 8D7L0A Firmware 8D7L1A Firmware 8D7L2A Firmware 499M8A Firmware 499M9A Firmware 499N0A Firmware 499N1A Firmware 499N4A Firmware 499N5A Firmware 499N6A Firmware 499Q3A Firmware 499Q3E Firmware 499Q3F Firmware 499Q4E Firmware 499Q4F Firmware 499Q5A Firmware 499Q5E Firmware 499Q5F Firmware 499Q5Fr Firmware 499Q6A Firmware 499Q6E Firmware 499Q6F Firmware 499Q7A Firmware 499Q7E Firmware 499Q7F Firmware 499Q8A Firmware 499Q8E Firmware 499Q8F Firmware 499Q9A Firmware

Description

Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.

Analysis

Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Technical Context

This vulnerability is classified under CWE-121. Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. Affected products include: Hp 499Q9E Firmware, Hp 499Q9F Firmware, Hp 499R0A Firmware, Hp 499R0E Firmware, Hp 499R0F Firmware.

Affected Products

Hp 499Q9E Firmware, Hp 499Q9F Firmware, Hp 499R0A Firmware, Hp 499R0E Firmware, Hp 499R0F Firmware.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Priority Score

52
Low Medium High Critical
KEV: 0
EPSS: +6.1
CVSS: +46
POC: 0

Share

CVE-2025-26506 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy