CVE-2021-3942

high-risk
Published 2022-12-12

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

Do I need to act?

-
0.73% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Color Laserjet Cm4540 Mfp Cc419A Firmware
Color Laserjet Cm4540 Mfp Cc420A Firmware
Color Laserjet Cm4540 Mfp Cc421A Firmware
Color Laserjet Cm5525 Mfp Ce707A Firmware
Color Laserjet Cm5525 Mfp Ce708A Firmware
Color Laserjet Cm5525 Mfp Ce709A Firmware
Color Laserjet M578 Mfp 7Zu85A Firmware
Color Laserjet M578 Mfp 7Zu86A Firmware
Color Laserjet M578 Mfp 7Zu87A Firmware
Color Laserjet M578 Mfp 7Zu88A Firmware
Color Laserjet Enterprise Flow Mfp M880Z D7P70A Firmware
Color Laserjet Enterprise Flow Mfp M880Z A2W75A Firmware
Color Laserjet Enterprise Flow Mfp M880Z A2W76A Firmware
Color Laserjet Enterprise Flow Mfp M880Z D7P71A Firmware
Color Laserjet Enterprise Flow Mfp M880Z L3U51A Firmware
Color Laserjet Enterprise Flow Mfp M880Z L3U52A Firmware
Color Laserjet Managed Flow Mfp M880Zm D7P70A Firmware
Color Laserjet Managed Flow Mfp M880Zm A2W75A Firmware
Color Laserjet Managed Flow Mfp M880Zm A2W76A Firmware
Color Laserjet Managed Flow Mfp M880Zm D7P71A Firmware

Affected Vendors

Hp

References (2)

Vendor Advisory https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780
Vendor Advisory https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780
67
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 2/34 · Minimal
Exposure 33/34 · Critical