CVE-2022-28721

high-risk
Published 2022-09-26

Certain HP Print Products are potentially vulnerable to Remote Code Execution.

Do I need to act?

-
0.65% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (20)

M2U86A Firmware
M2U86B Firmware
M2U86C Firmware
M2U87A Firmware
M2U87B Firmware
M2U88B Firmware
M2U89B Firmware
M2U76A Firmware
M2U77A Firmware
5Se522A Firmware
5Sd78A Firmware
5Sd79A Firmware
M2U85B Firmware
Z4A59A Firmware
Z4A71A Firmware
M2U91B Firmware
Z4A69A Firmware
M2U92B Firmware
Z4A70A Firmware
M2U94B Firmware

Affected Vendors

Hp

References (2)

Vendor Advisory https://support.hp.com/us-en/document/ish_6839789-6839813-16/hpsbpi03810
Vendor Advisory https://support.hp.com/us-en/document/ish_6839789-6839813-16/hpsbpi03810
67
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 2/34 · Minimal
Exposure 33/34 · Critical