CVE-2021-3942

Name: CVE-2021-3942
Creator: NVD / NIST
Published: 2022-12-12T13:15:11.86+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 1.39%

Last modified Jun 17, 2026

CVE-2021-3942 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.. EPSS estimates a 1.39% chance of exploitation in the next 30 days.

Description

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

1.39%

68.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Hp	Color Laserjet Cm4540 Mfp Cc419a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Cm4540 Mfp Cc420a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Cm4540 Mfp Cc421a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Cm5525 Mfp Ce707a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Cm5525 Mfp Ce708a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Cm5525 Mfp Ce709a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet M578 Mfp 7zu85a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet M578 Mfp 7zu85a Firmware	>= 5.0, < 5.4
Hp	Color Laserjet M578 Mfp 7zu86a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet M578 Mfp 7zu86a Firmware	>= 5.0.0, < 5.4
Hp	Color Laserjet M578 Mfp 7zu87a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet M578 Mfp 7zu87a Firmware	>= 5.0.0, < 5.4
Hp	Color Laserjet M578 Mfp 7zu88a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet M578 Mfp 7zu88a Firmware	>= 5.0.0, < 5.4
Hp	Color Laserjet Enterprise Flow Mfp M880z D7p70a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise Flow Mfp M880z D7p70a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Enterprise Flow Mfp M880z A2w75a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise Flow Mfp M880z A2w75a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Enterprise Flow Mfp M880z A2w76a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise Flow Mfp M880z A2w76a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Enterprise Flow Mfp M880z D7p71a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise Flow Mfp M880z D7p71a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Enterprise Flow Mfp M880z L3u51a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise Flow Mfp M880z L3u51a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Enterprise Flow Mfp M880z L3u52a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise Flow Mfp M880z L3u52a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Managed Flow Mfp M880zm D7p70a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Managed Flow Mfp M880zm D7p70a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Managed Flow Mfp M880zm A2w75a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Managed Flow Mfp M880zm A2w75a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Managed Flow Mfp M880zm A2w76a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Managed Flow Mfp M880zm A2w76a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Managed Flow Mfp M880zm D7p71a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Managed Flow Mfp M880zm D7p71a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Managed Flow Mfp M880zm L3u51a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Managed Flow Mfp M880zm L3u51a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Managed Flow Mfp M880zm L3u52a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Managed Flow Mfp M880zm L3u52a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet M455 39z95a Firmware	>= 5.0, < 5.4
Hp	Color Laserjet M552 B5l23a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet M552 B5l23a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet M552 B5l23a Firmware	>= 5.0, < 5.4
Hp	Color Laserjet Enterprise M553 B5l24a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise M553 B5l24a Firmware	>= 4.0, < 4.11.23
Hp	Color Laserjet Enterprise M553 B5l24a Firmware	>= 5.0, < 5.4
Hp	Color Laserjet Enterprise M553 B5l25a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise M553 B5l25a Firmware	>= 4.0, < 4.11.2.3
Hp	Color Laserjet Enterprise M553 B5l25a Firmware	>= 5.0, < 5.4
Hp	Color Laserjet Enterprise M553 B5l26a Firmware	>= 3.0, < 3.9.9
Hp	Color Laserjet Enterprise M553 B5l26a Firmware	>= 4.0, < 4.11.2.3

Showing 50 of 2783 affected configurations. See NVD for the full list.

References

https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780Vendor Advisory
https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780Vendor Advisory

Timeline

Published: Dec 12, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-3942?

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

How severe is CVE-2021-3942?

CVE-2021-3942 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 1.39% probability of exploitation in the next 30 days.

How do I fix CVE-2021-3942?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-3942?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST