CVE-2018-5923
high-risk
Published 2019-03-27
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.
Do I need to act?
~
1.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (20)
Color Laserjet Cm4540 Mfp Firmware
Color Laserjet Cp5525 Firmware
Color Laserjet Enterprise Flow Mfp M681F Firmware
Color Laserjet Enterprise Flow Mfp M681Z Firmware
Color Laserjet Enterprise Flow Mfp M682Z Firmware
Color Laserjet Enterprise M552 Firmware
Color Laserjet Enterprise M553 Firmware
Color Laserjet Enterprise M651 Firmware
Color Laserjet Enterprise M652N Firmware
Color Laserjet Enterprise M652Dn Firmware
Color Laserjet Enterprise M653Dn Firmware
Color Laserjet Enterprise M653Dh Firmware
Color Laserjet Enterprise M653X Firmware
Color Laserjet Enterprise M750 Firmware
Color Laserjet Enterprise Mfp M577 Firmware
Color Laserjet Enterprise Mfp M681Dh Firmware
Color Laserjet Enterprise Mfp M681F Firmware
Color Laserjet Enterprise Mfp M682Dh Firmware
Color Laserjet M680 Firmware
Color Laserjet Managed E55040Dw Firmware
Affected Vendors
References (2)
Vendor Advisory
https://support.hp.com/us-en/document/c06169434
Vendor Advisory
https://support.hp.com/us-en/document/c06169434
68
/ 100
high-risk
Severity
32/34 · Critical
Exploitability
4/34 · Minimal
Exposure
32/34 · Critical