CVE-2025-43018

MEDIUM EPSS 16.9%
Published Jul 30, 202511mo ago · Modified Jun 17, 20261w ago
6.9 CVSS 4.0
Medium
Find Similar
Published Jul 30, 2025 11mo ago
Last Modified Jun 17, 2026 1w ago

Description

Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address book.

CVSS Details

Base Score
6.9
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
16.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 34

VendorProductVersionRange
hpw1a75a_firmware* <002.2508a
hpw1a75a*any
hpw1a76a_firmware* <002.2508a
hpw1a76a*any
hpw1a77a_firmware* <002.2508a
hpw1a77a*any
hpw1a81a_firmware* <002.2508a
hpw1a81a*any
hpw1a82a_firmware* <002.2508a
hpw1a82a*any
hpw1a79a_firmware* <002.2508a
hpw1a79a*any
hpw1a80a_firmware* <002.2508a
hpw1a80a*any
hpw1a78a_firmware* <002.2508a
hpw1a78a*any
hpw1a29a_firmware* <002.2508a
hpw1a29a*any
hpw1a32a_firmware* <002.2508a
hpw1a32a*any
hpw1a30a_firmware* <002.2508a
hpw1a30a*any
hpw1a38a_firmware* <002.2508a
hpw1a38a*any
hpw1a34a_firmware* <002.2508a
hpw1a34a*any
hpw1a35a_firmware* <002.2508a
hpw1a35a*any
hpw1a28a_firmware* <002.2508a
hpw1a28a*any
hpw1a31a_firmware* <002.2508a
hpw1a31a*any
hpw1a33a_firmware* <002.2508a
hpw1a33a*any

References 1

  • support.hp.com https://support.hp.com/us-en/document/ish_12807011-12807034-16/hpsbpi04040
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.