CVE-2025-2268

high-risk

Published 2025-03-14

The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).

Do I need to act?

0.17% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

6Gx09A Firmware

6Gx09E Firmware

9Yf91E Firmware

9Yg02E Firmware

9Yg05E Firmware

6Gw71A Firmware

6Gw99A Firmware

6Gx00A Firmware

6Gx03A Firmware

6Gx04A Firmware

6Gx05A Firmware

6Gx06A Firmware

9Yf88A Firmware

9Yf89A Firmware

9Yf90A Firmware

9Yf91A Firmware

9Yf92A Firmware

9Yf94A Firmware

9Yf95A Firmware

9Yf96A Firmware

Affected Vendors

References (1)

Vendor Advisory https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013

/ 100

high-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 26/34 · High