Buffer overflow in HP Development Company products - CVE-2022-28722
Published: September 26, 2022
Vulnerability identifier: #VU67639
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-28722
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: HP Development Company
Affected software:
HP OfficeJet 6950 All-in-One Printer series
HP OfficeJet 6960 All-in-One Printer series
HP OfficeJet 8022 All-in-One Printer
HP OfficeJet 8022e All-in-One Printer
HP OfficeJet Pro 6960 All-in-One Printer series
HP OfficeJet Pro 6970 All-in-One Printer series
HP OfficeJet Pro 7720 Wide Format All-in-One Printer series
HP OfficeJet Pro 7730 Wide Format All-in-One Printer
HP OfficeJet Pro 7740 Wide Format All-in-One Printer series
HP OfficeJet Pro 8210 Printer series
HP OfficeJet Pro 8730 All-in-One Printer
HP OfficeJet Pro 8740 All-in-One Printer series
HP PageWide 352dw Printer
HP PageWide 377dw Multifunction Printer
HP PageWide Managed P55250dw Printer series
HP PageWide Managed P57750dw Multifunction Printer
HP PageWide Managed P75050dn
HP PageWide Managed P75050dw
HP PageWide Managed P77740dn Multifunction Printer
HP PageWide Managed P77740dw Multifunction Printer
HP PageWide Managed P77740z Multifunction Printer
HP PageWide Managed P77750z Multifunction Printer
HP PageWide Managed P77760z Multifunction Printer
HP PageWide Pro 452dn Printer series
HP PageWide Pro 452dw Printer series
HP PageWide Pro 477dn Multifunction Printer series
HP PageWide Pro 477dw Multifunction Printer series
HP PageWide Pro 552dw Printer series
HP PageWide Pro 577 Multifunction Printer series
HP PageWide Pro 750dn Printer
HP PageWide Pro 750dw Printer
HP PageWide Pro 772dn Multifunction Printer
HP PageWide Pro 772dw Multifunction Printer
HP OfficeJet 6950 All-in-One Printer series
HP OfficeJet 6960 All-in-One Printer series
HP OfficeJet 8022 All-in-One Printer
HP OfficeJet 8022e All-in-One Printer
HP OfficeJet Pro 6960 All-in-One Printer series
HP OfficeJet Pro 6970 All-in-One Printer series
HP OfficeJet Pro 7720 Wide Format All-in-One Printer series
HP OfficeJet Pro 7730 Wide Format All-in-One Printer
HP OfficeJet Pro 7740 Wide Format All-in-One Printer series
HP OfficeJet Pro 8210 Printer series
HP OfficeJet Pro 8730 All-in-One Printer
HP OfficeJet Pro 8740 All-in-One Printer series
HP PageWide 352dw Printer
HP PageWide 377dw Multifunction Printer
HP PageWide Managed P55250dw Printer series
HP PageWide Managed P57750dw Multifunction Printer
HP PageWide Managed P75050dn
HP PageWide Managed P75050dw
HP PageWide Managed P77740dn Multifunction Printer
HP PageWide Managed P77740dw Multifunction Printer
HP PageWide Managed P77740z Multifunction Printer
HP PageWide Managed P77750z Multifunction Printer
HP PageWide Managed P77760z Multifunction Printer
HP PageWide Pro 452dn Printer series
HP PageWide Pro 452dw Printer series
HP PageWide Pro 477dn Multifunction Printer series
HP PageWide Pro 477dw Multifunction Printer series
HP PageWide Pro 552dw Printer series
HP PageWide Pro 577 Multifunction Printer series
HP PageWide Pro 750dn Printer
HP PageWide Pro 750dw Printer
HP PageWide Pro 772dn Multifunction Printer
HP PageWide Pro 772dw Multifunction Printer
Detailed vulnerability description
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. An attacker with physical access can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
How to mitigate CVE-2022-28722
Install updates from vendor's website.