CVE-2023-27972

CRITICAL EPSS 70.8%
Published Apr 28, 20233y ago · Modified Jun 25, 20266d ago
9.8 CVSS 3.1
Critical
Find Similar
Published Apr 28, 2023 3y ago
Last Modified Jun 25, 2026 6d ago

Description

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution.

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
70.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-120

Affected Products 76

VendorProductVersionRange
hplaserjet_pro_m304-m305_w1a46a_firmware* <002_2310a
hplaserjet_pro_m304-m305_w1a46a*any
hplaserjet_pro_m304-m305_w1a47a_firmware* <002_2310a
hplaserjet_pro_m304-m305_w1a47a*any
hplaserjet_pro_m304-m305_w1a48a_firmware* <002_2310a
hplaserjet_pro_m304-m305_w1a48a*any
hplaserjet_pro_m304-m305_w1a66a_firmware* <002_2310a
hplaserjet_pro_m304-m305_w1a66a*any
hplaserjet_pro_m404-m405_93m22a_firmware* <002_2310a
hplaserjet_pro_m404-m405_93m22a*any
hplaserjet_pro_m404-m405_w1a51a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a51a*any
hplaserjet_pro_m404-m405_w1a52a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a52a*any
hplaserjet_pro_m404-m405_w1a53a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a53a*any
hplaserjet_pro_m404-m405_w1a56a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a56a*any
hplaserjet_pro_m404-m405_w1a57a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a57a*any
hplaserjet_pro_m404-m405_w1a58a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a58a*any
hplaserjet_pro_m404-m405_w1a59a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a59a*any
hplaserjet_pro_m404-m405_w1a60a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a60a*any
hplaserjet_pro_m404-m405_w1a63a_firmware* <002_2310a
hplaserjet_pro_m404-m405_w1a63a*any
hplaserjet_pro_m453-m454_w1y40a_firmware* <002_2310a
hplaserjet_pro_m453-m454_w1y40a*any
hplaserjet_pro_m453-m454_w1y41a_firmware* <002_2310a
hplaserjet_pro_m453-m454_w1y41a*any
hplaserjet_pro_m453-m454_w1y43a_firmware* <002_2310a
hplaserjet_pro_m453-m454_w1y43a*any
hplaserjet_pro_m453-m454_w1y44a_firmware* <002_2310a
hplaserjet_pro_m453-m454_w1y44a*any
hplaserjet_pro_m453-m454_w1y45a_firmware* <002_2310a
hplaserjet_pro_m453-m454_w1y45a*any
hplaserjet_pro_m453-m454_w1y46a_firmware* <002_2310a
hplaserjet_pro_m453-m454_w1y46a*any
hplaserjet_pro_m453-m454_w1y47a_firmware* <002_2310a
hplaserjet_pro_m453-m454_w1y47a*any
hplaserjet_pro_mfp_m428-m429_f_w1a29a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_f_w1a29a*any
hplaserjet_pro_mfp_m428-m429_f_w1a30a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_f_w1a30a*any
hplaserjet_pro_mfp_m428-m429_f_w1a32a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_f_w1a32a*any
hplaserjet_pro_mfp_m428-m429_f_w1a34a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_f_w1a34a*any
hplaserjet_pro_mfp_m428-m429_f_w1a35a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_f_w1a35a*any
hplaserjet_pro_mfp_m428-m429_f_w1a38a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_f_w1a38a*any
hplaserjet_pro_mfp_m428-m429_w1a28a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_w1a28a*any
hplaserjet_pro_mfp_m428-m429_w1a31a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_w1a31a*any
hplaserjet_pro_mfp_m428-m429_w1a33a_firmware* <002_2310a
hplaserjet_pro_mfp_m428-m429_w1a33a*any
hpw1a75a_firmware* <002_2310a
hpw1a75a*any
hpw1a76a_firmware* <002_2310a
hpw1a76a*any
hpw1a77a_firmware* <002_2310a
hpw1a77a*any
hpw1a78a_firmware* <002_2310a
hpw1a78a*any
hpw1a79a_firmware* <002_2310a
hpw1a79a*any
hpw1a80a_firmware* <002_2310a
hpw1a80a*any
hpw1a81a_firmware* <002_2310a
hpw1a81a*any
hpw1a82a_firmware* <002_2310a
hpw1a82a*any

References 1

  • support.hp.com https://support.hp.com/us-en/document/ish_7920078-7920104-16/hpsbpi03840
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.