CVE-2019-6320
moderate-risk
Published 2020-01-09
Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration.
Do I need to act?
-
0.15% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10
High
NETWORK
/ LOW complexity
Affected Products (8)
Deskjet 3630 F5S43A Firmware
Deskjet 3630 F5S57A Firmware
Deskjet 3630 K4T93A Firmware
Deskjet 3630 K4T99C Firmware
Deskjet 3630 K4U00B Firmware
Deskjet 3630 K4U03B Firmware
Deskjet 3630 V3F21A Firmware
Deskjet 3630 V3F22A Firmware
Affected Vendors
References (2)
Vendor Advisory
https://support.hp.com/us-en/document/c06308143
Vendor Advisory
https://support.hp.com/us-en/document/c06308143
43
/ 100
moderate-risk
Severity
28/34 · Critical
Exploitability
1/34 · Minimal
Exposure
14/34 · Moderate