- CVEs: 28
- Critical: 2
- High: 13
- KEV: 0
- PoC: 5
- Unpatched Critical/High (C/H): 13
- Patch Rate: 21.4%
- Avg EPSS: 1.8%
Severity Breakdown
- CRITICAL: 2
- HIGH: 13
- MEDIUM: 13
- LOW: 0
Monthly CVE Trend (chart)
Affected Products (30)
- Linux Kernel: 8
- PHP: 4
- Virtual Appliance Host: 4
- Virtual Appliance Application: 4
- Autopass License Server: 3
- Command Injection: 3
- Debian Linux: 3
- 7Kw75A Firmware: 2
- 4Ra85F Firmware: 2
- 7Kw63A Firmware: 2
- 7Kw50A Firmware: 2
- 4Ra89A Firmware: 2
- Stack Overflow: 2
- 4Ra85A Firmware: 2
- 499M8A Firmware: 2
- W1Y43A Firmware: 2
- 5Hh73A Firmware: 2
- Futuresmart 3: 2
- W1A66A Firmware: 2
- W1A56A Firmware: 2
- 7Kw76A Firmware: 2
- 4Ra82E Firmware: 2
- W1Y45A Firmware: 2
- 4Ra87F Firmware: 2
- W1A47A Firmware: 2
- 499M7A Firmware: 2
- 759V0E Firmware: 2
- 499Q5F Firmware: 2
- 759V1F Firmware: 2
- 4Ra86F Firmware: 2
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2024-51978 | Certain devices expose serial numbers via HTTP/HTTPS/IPP and SNMP that can be used to generate the default administrator password. An unauthenticated attacker who discovers the serial number can calculate the admin password and gain full administrative control of the device without brute force. | CRITICAL | 9.8 | 48.3% | 117 | PoC, No patch |
| CVE-2024-51768 | CVE-2024-51768 is a remote code execution vulnerability in HPE AutoPass License Server (APLS) versions prior to 9.17, stemming from unsafe deserialization in the embedded HSQLDB database library. An authenticated attacker with local network access can execute arbitrary code with the privileges of the APLS service, potentially leading to complete system compromise. The vulnerability has a CVSS score of 8.0 and represents a significant risk to organizations using affected APLS versions, particularly since the authentication requirement is modest (PR:L) and the attack complexity is low. | HIGH | 8.0 | 0.4% | 40 | No patch |
| CVE-2025-43026 | Local privilege escalation vulnerability in HP Support Assistant versions before 9.44.18.0 that allows a local attacker with limited user privileges to write arbitrary files and escalate to higher privilege levels without user interaction. The vulnerability carries a CVSS score of 7.8 (high severity) and exploits improper file permission handling in the support application; while KEV status and active exploitation data are not provided in the source material, the low attack complexity and local attack vector suggest this is a realistic threat for systems running vulnerable versions. | HIGH | 7.8 | 0.0% | 39 | No patch |
| CVE-2024-51982 | CVE-2024-51982 is a denial-of-service vulnerability affecting network-connected printers and multifunction devices that expose the Printer Job Language (PJL) interface on TCP port 9100. An unauthenticated remote attacker can send a malformed PJL command with an invalid FORMLINES variable to crash the device repeatedly, causing service disruption without authentication or user interaction. The CVSS 7.5 score reflects the high availability impact, and while specific KEV/PoC data was not provided in the source material, the straightforward nature of the exploit (malformed input causing a crash) suggests practical exploitability. | HIGH | 7.5 | 0.6% | 38 | No patch |
| CVE-2024-51769 | CVE-2024-51769 is an information disclosure vulnerability in HPE AutoPass License Server (APLS) versions prior to 9.17 that allows unauthenticated network attackers to access sensitive information without requiring user interaction. The vulnerability has a CVSS 3.1 score of 7.5 with a high confidentiality impact (CWE-200: Exposure of Sensitive Information to an Unauthorized Actor), making it a significant risk for organizations relying on APLS for license management across their HPE infrastructure. | HIGH | 7.5 | 0.1% | 38 | No patch |
| CVE-2024-51770 | CVE-2024-51770 is an information disclosure vulnerability in HPE AutoPass License Server (APLS) versions prior to 9.17 that allows unauthenticated remote attackers to access sensitive information over the network. The vulnerability has a CVSS score of 7.5 with high confidentiality impact, enabling attackers to extract confidential data without requiring authentication, special privileges, or user interaction. The network-accessible nature of this information disclosure makes it a significant risk for organizations running vulnerable APLS versions. | HIGH | 7.5 | 0.1% | 38 | No patch |
| CVE-2025-37165 | The router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could exploit this information exposure (CVSS 7.5). | HIGH | 7.5 | 0.0% | 38 | No patch |
| CVE-2024-5477 | A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information. Rated high severity (CVSS 7.3), this vulnerability requires no authentication. No vendor patch available. | HIGH | 7.3 | 0.0% | 37 | No patch |
| CVE-2025-37091 | Command injection remote code execution vulnerability in HPE StoreOnce Software that allows authenticated attackers with high privileges to execute arbitrary commands on affected systems. The vulnerability has a CVSS score of 7.2 (high severity) and requires authenticated access but no user interaction. Given the command injection nature (CWE-77) and network attack vector, this poses significant risk to organizations running vulnerable HPE StoreOnce deployments, particularly if KEV status or active exploitation is confirmed. | HIGH | 7.2 | 0.4% | 36 | No patch |
| CVE-2025-71101 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing. The `hp_populate_*_elements_from_package()` functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. | HIGH | 7.1 | 0.0% | 36 | |
| CVE-2025-1697 | A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. Rated medium severity (CVSS 6.9), this vulnerability has low attack complexity. No vendor patch available. | MEDIUM | 6.9 | 0.1% | 35 | No patch |
| CVE-2025-7698 | Out-of-bounds read vulnerabilities exist in the print processing functionality of multiple Canon printer driver families, including Generic Plus PCL6, UFR II, LIPS4, LIPSLX, PS, PCL6, CARPS2, and related variants. These vulnerabilities allow remote attackers to read sensitive memory contents (information disclosure) and potentially cause application crashes, requiring user interaction (opening a malicious print job) to trigger. With an EPSS score of 0.05% and no evidence of active exploitation in the wild, this represents a low real-world risk despite moderate CVSS scoring. | MEDIUM | 5.9 | 0.0% | 30 | No patch |
| CVE-2025-9903 | Out-of-bounds write vulnerabilities exist in the print processing functionality of multiple Canon printer drivers, including Generic Plus variants (PCL6, UFR II, LIPS4, LIPSLX, PS) and standalone drivers (UFRII LT, CARPS2, Generic FAX, LIPS4, LIPSLX, UFR II, PS, PCL6). An attacker can exploit these memory corruption flaws via a malicious print job to corrupt memory, potentially leading to code execution or denial of service. The EPSS score of 0.04% (13th percentile) suggests low exploitation probability in the wild, and no active KEV status has been reported, indicating this is not currently being exploited at scale. | MEDIUM | 5.9 | 0.0% | 30 | No patch |
| CVE-2025-71121 | In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinity on ASP chip. The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. | MEDIUM | 5.5 | 0.1% | 28 | |
| CVE-2025-37781 | In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present. When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent. Rated medium severity (CVSS 5.5), this vulnerability has low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer. | MEDIUM | 5.5 | 0.1% | 28 | |