CVE-2024-9423

high-risk

Published 2024-10-02

Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs.

Do I need to act?

0.19% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.3/10 Medium

NETWORK / LOW complexity

Affected Products (20)

9Yf88A Firmware

9Yf89A Firmware

9Yf90A Firmware

9Yf91A Firmware

9Yf91E Firmware

9Yf92A Firmware

9Yf94A Firmware

9Yf95A Firmware

9Yf96A Firmware

9Yf97A Firmware

9Yf98A Firmware

9Yg02A Firmware

9Yg02E Firmware

9Yg05A Firmware

9Yg05E Firmware

9Yg08A Firmware

9Yg09A Firmware

9Yg10A Firmware

9Yg11A Firmware

2U582A Firmware

Affected Vendors

References (1)

Vendor Advisory https://support.hp.com/us-en/document/ish_11266441-11266463-16/hpsbpi03976

/ 100

high-risk

Severity 21/34 · High

Exploitability 1/34 · Minimal

Exposure 30/34 · Critical