Strix
26.1K

CVE-2025-26506

CRITICALCVSS 9.2/10EPSS 1.02%

Last modified

CVE-2025-26506 is a critical-severity vulnerability rated 9.2/10 on the CVSS scale. Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.. EPSS estimates a 1.02% chance of exploitation in the next 30 days.

Description

Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0
9.2/10

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability
1.02%

59.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
Hp4ra85f Firmware< 6.17.5.34-202412122146
Hp4ra85v Firmware< 6.17.5.34-202412122146
Hp4ra86a Firmware< 6.17.5.34-202412122146
Hp4ra86e Firmware< 6.17.5.34-202412122146
Hp4ra86f Firmware< 6.17.5.34-202412122146
Hp4ra87a Firmware< 6.17.5.34-202412122146
Hp4ra87e Firmware< 6.17.5.34-202412122146
Hp4ra87f Firmware< 6.17.5.34-202412122146
Hp4ra88a Firmware< 6.17.5.34-202412122146
Hp4ra88e Firmware< 6.17.5.34-202412122146
Hp4ra88f Firmware< 6.17.5.34-202412122146
Hp4ra89a Firmware< 6.17.5.34-202412122146
Hp4ra89v Firmware< 6.17.5.34-202412122146
Hp5hh48a Firmware< 6.17.5.34-202412122146
Hp5hh48v Firmware< 6.17.5.34-202412122146
Hp5hh51a Firmware< 6.17.5.34-202412122146
Hp499m6a Firmware< 6.17.5.34-202412122146
Hp499m7a Firmware< 6.17.5.34-202412122146
Hp5hh52a Firmware< 6.17.5.34-202412122146
Hp5hh53a Firmware< 6.17.5.34-202412122146
Hp5hh59a Firmware< 6.17.5.34-202412122146
Hp5hh64a Firmware< 6.17.5.34-202412122146
Hp5hh64e Firmware< 6.17.5.34-202412122146
Hp5hh64f Firmware< 6.17.5.34-202412122146
Hp5hh65a Firmware< 6.17.5.34-202412122146
Hp5hh66a Firmware< 6.17.5.34-202412122146
Hp5hh67a Firmware< 6.17.5.34-202412122146
Hp5hh72a Firmware< 6.17.5.34-202412122146
Hp5hh73a Firmware< 6.17.5.34-202412122146
Hp74p25a Firmware< 6.17.5.34-202412122146
Hp74p26a Firmware< 6.17.5.34-202412122146
Hp74p27a Firmware< 6.17.5.34-202412122146
Hp74p28a Firmware< 6.17.5.34-202412122146
Hp4ra85e Firmware< 6.17.5.34-202412122146
Hp4ra85a Firmware< 6.17.5.34-202412122146
Hp4ra84f Firmware< 6.17.5.34-202412122146
Hp4ra84e Firmware< 6.17.5.34-202412122146
Hp4ra84a Firmware< 6.17.5.34-202412122146
Hp4ra83f Firmware< 6.17.5.34-202412122146
Hp4ra83e Firmware< 6.17.5.34-202412122146
Hp4ra83a Firmware< 6.17.5.34-202412122146
Hp4ra82fr Firmware< 6.17.5.34-202412122146
Hp4ra82f Firmware< 6.17.5.34-202412122146
Hp4ra82e Firmware< 6.17.5.34-202412122146
Hp4ra82a Firmware< 6.17.5.34-202412122146
Hp4ra81fr Firmware< 6.17.5.34-202412122146
Hp4ra81f Firmware< 6.17.5.34-202412122146
Hp4ra81e Firmware< 6.17.5.34-202412122146
Hp4ra81a Firmware< 6.17.5.34-202412122146
Hp4ra80f Firmware< 6.17.5.34-202412122146

Showing 50 of 95 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-26506?
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
How severe is CVE-2025-26506?
CVE-2025-26506 has a CVSS score of 9.2/10 (CRITICAL severity). The EPSS model estimates a 1.02% probability of exploitation in the next 30 days.
How do I fix CVE-2025-26506?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-26506?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST