HP Product Security Response TeamHP:C01886100HPSBPI02472 SSRT090196 rev.4 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Potential Security Impact
Remote unauthorized access to data, Denial of Service (DoS)
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS).
RESOLUTION
HP has provided firmware updates for impacted printers as set forth in the table below. To obtain the updated firmware, go to the HP Software and Drivers page for your product and find the firmware update from the list of available software.
Product
|
Resolved in Firmware Version
—|—
HP Color LaserJet CM3530 MFP
|
53.031.4 or subsequent
HP Color LaserJet CP3525 Printer
|
05.059.3 or subsequent
Note: Each firmware update has instructions for finding the firmware version installed on the product.
PRODUCT SPECIFIC INFORMATION
None
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C