CVE-2022-28722

Name: CVE-2022-28722
Creator: NVD / NIST
Published: 2022-09-26T15:15:24.633+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 1.00%

Last modified Jun 17, 2026

CVE-2022-28722 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Certain HP Print Products are potentially vulnerable to Buffer Overflow.. EPSS estimates a 1.00% chance of exploitation in the next 30 days.

Description

Certain HP Print Products are potentially vulnerable to Buffer Overflow.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

1.00%

58.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Hp	P4c78a Firmware	< 001.2224a
Hp	P4c85a Firmware	< 001.2224a
Hp	T3p03a Firmware	< 001.2224a
Hp	P4c86a Firmware	< 001.2224a
Hp	P4c81a Firmware	< 001.2224a
Hp	P4c82a Firmware	< 001.2224a
Hp	P4c84a Firmware	< 001.2224a
Hp	T0g25a Firmware	< 001.2225a
Hp	T0g26a Firmware	< 001.2225a
Hp	J7k33a Firmware	< 001.2225a
Hp	T0f30a Firmware	< 001.2225a
Hp	T0f32a Firmware	< 001.2225a
Hp	T0f38a Firmware	< 001.2225a
Hp	T0f31a Firmware	< 001.2225a
Hp	J7k37a Firmware	< 001.2225a
Hp	J7k38a Firmware	< 001.2225a
Hp	J7k35a Firmware	< 001.2225a
Hp	J7k39a Firmware	< 001.2225a
Hp	T0f28a Firmware	< 001.2225a
Hp	T0f36a Firmware	< 001.2225a
Hp	J7k34a Firmware	< 001.2225a
Hp	T0f33a Firmware	< 001.2225a
Hp	T0f39a Firmware	< 001.2225a
Hp	T0f34a Firmware	< 001.2225a
Hp	T0f35a Firmware	< 001.2225a
Hp	J7k40a Firmware	< 001.2225a
Hp	J7k36a Firmware	< 001.2225a
Hp	J7k42a Firmware	< 001.2225a
Hp	J7k41a Firmware	< 001.2225a
Hp	T0f29a Firmware	< 001.2225a
Hp	T0f37a Firmware	< 001.2225a
Hp	T0f40a Firmware	< 001.2225a
Hp	G5j56a Firmware	< 003.2226a
Hp	Y0s18a Firmware	< 003.2226a
Hp	L3t99a Firmware	< 003.2226a
Hp	Y0s19a Firmware	< 003.2226a
Hp	G5j38a Firmware	< 002.2226a
Hp	T1p99a Firmware	< 002.2226a
Hp	D9l63a Firmware	< 001.2225b
Hp	D9l64a Firmware	< 001.2225b
Hp	J3p65a Firmware	< 001.2225b
Hp	J3p66a Firmware	< 001.2225b
Hp	J3p67a Firmware	< 001.2225b
Hp	J3p68a Firmware	< 001.2225b
Hp	T0g70a Firmware	< 001.2225b
Hp	D9l18a Firmware	< 001.2224b
Hp	M9l66a Firmware	< 001.2224b
Hp	M9l67a Firmware	< 001.2224b
Hp	T0g46a Firmware	< 001.2224b
Hp	J6x76a Firmware	< 001.2224b

Showing 50 of 99 affected configurations. See NVD for the full list.

References

https://support.hp.com/us-en/document/ish_6839789-6839813-16/hpsbpi03810Vendor Advisory
https://support.hp.com/us-en/document/ish_6839789-6839813-16/hpsbpi03810Vendor Advisory

Timeline

Published: Sep 26, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-28722?

Certain HP Print Products are potentially vulnerable to Buffer Overflow.

How severe is CVE-2022-28722?

CVE-2022-28722 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 1.00% probability of exploitation in the next 30 days.

How do I fix CVE-2022-28722?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-28722?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST