CVE-2023-26301

high-risk
Published 2023-07-21

Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.

Do I need to act?

-
0.68% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (19)

Color Laserjet Pro 4201-4203 4Ra87F Firmware
Color Laserjet Pro 4201-4203 4Ra88F Firmware
Color Laserjet Pro 4201-4203 4Ra89A Firmware
Color Laserjet Pro 4201-4203 5Hh48A Firmware
Color Laserjet Pro 4201-4203 5Hh51A Firmware
Color Laserjet Pro 4201-4203 5Hh52A Firmware
Color Laserjet Pro 4201-4203 5Hh53A Firmware
Color Laserjet Pro 4201-4203 5Hh59A Firmware
Color Laserjet Pro Mfp 4301-4303 4Ra80F Firmware
Color Laserjet Pro Mfp 4301-4303 4Ra81F Firmware
Color Laserjet Pro Mfp 4301-4303 4Ra82F Firmware
Color Laserjet Pro Mfp 4301-4303 4Ra83F Firmware
Color Laserjet Pro Mfp 4301-4303 4Ra84F Firmware
Color Laserjet Pro Mfp 4301-4303 5Hh64F Firmware
Color Laserjet Pro Mfp 4301-4303 5Hh65A Firmware
Color Laserjet Pro Mfp 4301-4303 5Hh66A Firmware
Color Laserjet Pro Mfp 4301-4303 5Hh67A Firmware
Color Laserjet Pro Mfp 4301-4303 5Hh72A Firmware
Color Laserjet Pro Mfp 4301-4303 5Hh73A Firmware

Affected Vendors

Hp

References (2)

Vendor Advisory https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855
Vendor Advisory https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855
53
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 2/34 · Minimal
Exposure 19/34 · Moderate