Strix
26.1K

CVE-2022-24292

CRITICALCVSS 9.8/10EPSS 7.02%

Last modified

CVE-2022-24292 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.. EPSS estimates a 7.02% chance of exploitation in the next 30 days.

Description

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
7.02%

93.4th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
HpLaserjet Pro M453-M454 W1y40a Firmware< 002_2208a
HpLaserjet Pro M453-M454 W1y41a Firmware< 002_2208a
HpLaserjet Pro M453-M454 W1y46a Firmware< 002_2208a
HpLaserjet Pro M453-M454 W1y47a Firmware< 002_2208a
HpLaserjet Pro M453-M454 W1y44a Firmware< 002_2208a
HpLaserjet Pro M453-M454 W1y45a Firmware< 002_2208a
HpLaserjet Pro M453-M454 W1y43a Firmware< 002_2208a
HpW1a75a Firmware< 002_2208a
HpW1a76a Firmware< 002_2208a
HpW1a77a Firmware< 002_2208a
HpW1a81a Firmware< 002_2208a
HpW1a82a Firmware< 002_2208a
HpW1a79a Firmware< 002_2208a
HpW1a80a Firmware< 002_2208a
HpW1a78a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a66a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a46a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a47a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a48a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a51a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a53a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a56a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a63a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a52a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a58a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a59a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a60a Firmware< 002_2208a
HpLaserjet Pro M304-M305 W1a57a Firmware< 002_2208a
HpLaserjet Pro M404-M405 93m22a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 W1a28a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 W1a31a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 W1a33a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 F W1a29a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 F W1a32a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 F W1a30a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 F W1a38a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 F W1a34a Firmware< 002_2208a
HpLaserjet Pro Mfp M428-M429 F W1a35a Firmware< 002_2208a
HpPagewide 352dw J6u57a Firmware< 2205d
HpPagewide 377dw J9v80a Firmware< 2205d
HpPagewide Managed P55250dw J6u55a Firmware< 2205d
HpPagewide Managed P55250dw J6u51b Firmware< 2205d
HpPagewide Managed P55250dw J6u55b Firmware< 2205d
HpPagewide Managed P57750dw J9v82a Firmware< 2205d
HpPagewide Pro 452dn D3q15a Firmware< 2205d
HpPagewide Pro 452dw D3q16a Firmware< 2205d
HpPagewide Pro 477dn D3q19a Firmware< 2205d
HpPagewide Pro 477dw D3q20a Firmware< 2205d
HpPagewide Pro 552dw D3q17a Firmware< 2205d
HpPagewide Pro 577dw D3q21a Firmware< 2205d

Showing 50 of 68 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2022-24292?
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
How severe is CVE-2022-24292?
CVE-2022-24292 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 7.02% probability of exploitation in the next 30 days.
How do I fix CVE-2022-24292?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-24292?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST