Multiple vulnerabilities in HP Print Products
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU61595
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-24292
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the PostScript interpreter. A remote attacker on the local network can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsHP Color LaserJet Pro MFP M2XX: All versions
HP Color LaserJet Pro M453 - M454: before 002_2208A
HP Color LaserJet Pro MFP M478: before 002_2208A
HP Color LaserJet Pro MFP M479: before 002_2208A
HP LaserJet Pro M304: before 002_2208A
HP LaserJet Pro M305: before 002_2208A
HP LaserJet Pro M404: before 002_2208A
HP LaserJet Pro M405: before 002_2208A
HP LaserJet Pro MFP M428: before 002_2208A
HP LaserJet Pro MFP M429: before 002_2208A
HP LaserJet Pro MFP M429 F: before 002_2208A
HP PageWide 352dw Printer: before 2205D
HP PageWide 377dw Multifunction Printer: before 2205D
HP PageWide Managed P55250dw Printer series: before 2205D
HP PageWide Managed P57750dw Multifunction Printer: before 2205D
HP PageWide Pro 452dn Printer series: before 2205D
HP PageWide Pro 452dw Printer series: before 2205D
HP PageWide Pro 477dn Multifunction Printer series: before 2205D
HP PageWide Pro 477dw Multifunction Printer series: before 2205D
HP PageWide Pro 552dw Printer series: before 2205D
HP PageWide Pro 577 Multifunction Printer series: before 2205D
HP OfficeJet Pro 8210 Printer series: before 001.2210 B
HP OfficeJet Pro 8216 Printer series: before 001.2210 B
HP OfficeJet Pro 8730 All-in-One Printer: before 001.2207C
HP OfficeJet Pro 8740 All-in-One Printer series: before 001.2207C
External linkshttp://support.hp.com/us-en/document/ish_5950417-5950443-16
http://www.zerodayinitiative.com/advisories/ZDI-22-535/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stack-based buffer overflow
EUVDB-ID: #VU61597
Risk: Low
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-24293
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the eContactRestore within the address book feature. A remote user on the local network can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsHP Color LaserJet Pro MFP M2XX: All versions
HP Color LaserJet Pro M453 - M454: before 002_2208A
HP Color LaserJet Pro MFP M478: before 002_2208A
HP Color LaserJet Pro MFP M479: before 002_2208A
HP LaserJet Pro M304: before 002_2208A
HP LaserJet Pro M305: before 002_2208A
HP LaserJet Pro M404: before 002_2208A
HP LaserJet Pro M405: before 002_2208A
HP LaserJet Pro MFP M428: before 002_2208A
HP LaserJet Pro MFP M429: before 002_2208A
HP LaserJet Pro MFP M429 F: before 002_2208A
HP PageWide 352dw Printer: before 2205D
HP PageWide 377dw Multifunction Printer: before 2205D
HP PageWide Managed P55250dw Printer series: before 2205D
HP PageWide Managed P57750dw Multifunction Printer: before 2205D
HP PageWide Pro 452dn Printer series: before 2205D
HP PageWide Pro 452dw Printer series: before 2205D
HP PageWide Pro 477dn Multifunction Printer series: before 2205D
HP PageWide Pro 477dw Multifunction Printer series: before 2205D
HP PageWide Pro 552dw Printer series: before 2205D
HP PageWide Pro 577 Multifunction Printer series: before 2205D
HP OfficeJet Pro 8210 Printer series: before 001.2210 B
HP OfficeJet Pro 8216 Printer series: before 001.2210 B
HP OfficeJet Pro 8730 All-in-One Printer: before 001.2207C
HP OfficeJet Pro 8740 All-in-One Printer series: before 001.2207C
External linkshttp://support.hp.com/us-en/document/ish_5950417-5950443-16
http://www.zerodayinitiative.com/advisories/ZDI-22-533/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU61596
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-24291
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the ScanJobs API. A remote attacker on the local network can trigger memory corruption and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsHP Color LaserJet Pro MFP M2XX: All versions
HP Color LaserJet Pro M453 - M454: before 002_2208A
HP Color LaserJet Pro MFP M478: before 002_2208A
HP Color LaserJet Pro MFP M479: before 002_2208A
HP LaserJet Pro M304: before 002_2208A
HP LaserJet Pro M305: before 002_2208A
HP LaserJet Pro M404: before 002_2208A
HP LaserJet Pro M405: before 002_2208A
HP LaserJet Pro MFP M428: before 002_2208A
HP LaserJet Pro MFP M429: before 002_2208A
HP LaserJet Pro MFP M429 F: before 002_2208A
HP PageWide 352dw Printer: before 2205D
HP PageWide 377dw Multifunction Printer: before 2205D
HP PageWide Managed P55250dw Printer series: before 2205D
HP PageWide Managed P57750dw Multifunction Printer: before 2205D
HP PageWide Pro 452dn Printer series: before 2205D
HP PageWide Pro 452dw Printer series: before 2205D
HP PageWide Pro 477dn Multifunction Printer series: before 2205D
HP PageWide Pro 477dw Multifunction Printer series: before 2205D
HP PageWide Pro 552dw Printer series: before 2205D
HP PageWide Pro 577 Multifunction Printer series: before 2205D
HP OfficeJet Pro 8210 Printer series: before 001.2210 B
HP OfficeJet Pro 8216 Printer series: before 001.2210 B
HP OfficeJet Pro 8730 All-in-One Printer: before 001.2207C
HP OfficeJet Pro 8740 All-in-One Printer series: before 001.2207C
External linkshttp://support.hp.com/us-en/document/ish_5950417-5950443-16
http://www.zerodayinitiative.com/advisories/ZDI-22-534/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
