CVE-2023-35177

HIGH
Published Jun 30, 20233y ago · Modified Jun 25, 20265d ago
8.8 CVSS 3.1
High
Find Similar
Published Jun 30, 2023 3y ago
Last Modified Jun 25, 2026 5d ago

Description

Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.

CVSS Details

Base Score
8.8
Exploitability
2.8
Impact
5.9
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 76

VendorProductVersionRange
hpw1a75a_firmware* <002_2322c
hpw1a75a*any
hpw1a76a_firmware* <002_2322c
hpw1a76a*any
hpw1a77a_firmware* <002_2322c
hpw1a77a*any
hpw1a78a_firmware* <002_2322c
hpw1a78a*any
hpw1a79a_firmware* <002_2322c
hpw1a79a*any
hpw1a80a_firmware* <002_2322c
hpw1a80a*any
hpw1a81a_firmware* <002_2322c
hpw1a81a*any
hpw1a82a_firmware* <002_2322c
hpw1a82a*any
hplaserjet_pro_m453-m454_w1y40a_firmware* <002_2322c
hplaserjet_pro_m453-m454_w1y40a*any
hplaserjet_pro_m453-m454_w1y41a_firmware* <002_2322c
hplaserjet_pro_m453-m454_w1y41a*any
hplaserjet_pro_m453-m454_w1y43a_firmware* <002_2322c
hplaserjet_pro_m453-m454_w1y43a*any
hplaserjet_pro_m453-m454_w1y44a_firmware* <002_2322c
hplaserjet_pro_m453-m454_w1y44a*any
hplaserjet_pro_m453-m454_w1y45a_firmware* <002_2322c
hplaserjet_pro_m453-m454_w1y45a*any
hplaserjet_pro_m453-m454_w1y46a_firmware* <002_2322c
hplaserjet_pro_m453-m454_w1y46a*any
hplaserjet_pro_m453-m454_w1y47a_firmware* <002_2322c
hplaserjet_pro_m453-m454_w1y47a*any
hplaserjet_pro_m304-m305_w1a46a_firmware* <002_2322c
hplaserjet_pro_m304-m305_w1a46a*any
hplaserjet_pro_m304-m305_w1a47a_firmware* <002_2322c
hplaserjet_pro_m304-m305_w1a47a*any
hplaserjet_pro_m304-m305_w1a48a_firmware* <002_2322c
hplaserjet_pro_m304-m305_w1a48a*any
hplaserjet_pro_m304-m305_w1a66a_firmware* <002_2322c
hplaserjet_pro_m304-m305_w1a66a*any
hplaserjet_pro_m404-m405_93m22a_firmware* <002_2322c
hplaserjet_pro_m404-m405_93m22a*any
hplaserjet_pro_m404-m405_w1a51a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a51a*any
hplaserjet_pro_m404-m405_w1a52a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a52a*any
hplaserjet_pro_m404-m405_w1a53a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a53a*any
hplaserjet_pro_m404-m405_w1a56a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a56a*any
hplaserjet_pro_m404-m405_w1a57a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a57a*any
hplaserjet_pro_m404-m405_w1a58a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a58a*any
hplaserjet_pro_m404-m405_w1a59a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a59a*any
hplaserjet_pro_m404-m405_w1a60a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a60a*any
hplaserjet_pro_m404-m405_w1a63a_firmware* <002_2322c
hplaserjet_pro_m404-m405_w1a63a*any
hplaserjet_pro_mfp_m428-m429_f_w1a29a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_f_w1a29a*any
hplaserjet_pro_mfp_m428-m429_f_w1a30a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_f_w1a30a*any
hplaserjet_pro_mfp_m428-m429_f_w1a32a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_f_w1a32a*any
hplaserjet_pro_mfp_m428-m429_f_w1a34a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_f_w1a34a*any
hplaserjet_pro_mfp_m428-m429_f_w1a35a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_f_w1a35a*any
hplaserjet_pro_mfp_m428-m429_f_w1a38a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_f_w1a38a*any
hplaserjet_pro_mfp_m428-m429_w1a28a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_w1a28a*any
hplaserjet_pro_mfp_m428-m429_w1a31a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_w1a31a*any
hplaserjet_pro_mfp_m428-m429_w1a33a_firmware* <002_2322c
hplaserjet_pro_mfp_m428-m429_w1a33a*any

References 1

  • support.hp.com https://support.hp.com/us-en/document/ish_8651888-8651916-16/hpsbpi03853
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.