| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
| The vulnerability of microprogrammed software in HP PageWide and HP OfficeJet Pro printers stems from the use of an assert() or similar operator function, which allows a malicious actor to trigger a service failure. | 4 Mar 202000:00 | – | bdu_fstec | |
| CVE-2019-16240 | 9 Nov 202118:35 | – | circl | |
| HP Inkjet printers 安全漏洞 | 9 Nov 202100:00 | – | cnnvd | |
| CVE-2019-16240 | 9 Nov 202114:37 | – | cve | |
| CVE-2019-16240 | 9 Nov 202114:37 | – | cvelist | |
| EUVD-2019-7047 | 7 Oct 202500:30 | – | euvd | |
| HPSBPI03630 rev. 2 - HP Inkjet Printers - Buffer Overflow and Local Disclosure of Information | 27 Sep 201900:00 | – | hp | |
| CVE-2019-16240 | 9 Nov 202115:15 | – | nvd | |
| CVE-2019-16240 | 9 Nov 202115:15 | – | osv | |
| Buffer overflow | 9 Nov 202115:15 | – | prion |
| Source | Link |
|---|---|
| support | www.support.hp.com/us-en/document/c06458150 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(503308);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/07/28");
script_cve_id("CVE-2019-16240");
script_name(english:"HP OfficeJet Pro and PageWide Managed Printers Buffer Overflow (CVE-2019-16240)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"A Buffer Overflow and Information Disclosure issue exists in HP
OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed
Printers and HP PageWide Pro Printers before 001.1937D exists; A
maliciously crafted print file might cause certain HP Inkjet printers
to assert. Under certain circumstances, the printer produces a core
dump to a local device.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://support.hp.com/us-en/document/c06458150");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16240");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_cwe_id(120);
script_set_attribute(attribute:"vuln_publication_date", value:"2021/11/09");
script_set_attribute(attribute:"patch_publication_date", value:"2021/11/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/07/28");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:officejet_pro_8210_d9l63a_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:officejet_pro_8210_d9l64a_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:officejet_pro_8210_j3p65a_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:officejet_pro_8210_j3p68a_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:officejet_pro_8210_t0g70a_firmware");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/HP");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/HP');
var asset = tenable_ot::assets::get(vendor:'HP');
var vuln_cpes = {
"cpe:/o:hp:officejet_pro_8210_d9l63a_firmware" :
{"versionEndExcluding" : "001.1937c", "family" : "OfficejetPro"},
"cpe:/o:hp:officejet_pro_8210_d9l64a_firmware" :
{"versionEndExcluding" : "001.1937c", "family" : "OfficejetPro"},
"cpe:/o:hp:officejet_pro_8210_j3p65a_firmware" :
{"versionEndExcluding" : "001.1937c", "family" : "OfficejetPro"},
"cpe:/o:hp:officejet_pro_8210_j3p68a_firmware" :
{"versionEndExcluding" : "001.1937c", "family" : "OfficejetPro"},
"cpe:/o:hp:officejet_pro_8210_t0g70a_firmware" :
{"versionEndExcluding" : "001.1937c", "family" : "OfficejetPro"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation