Primary

Context

HP LaserJet Pro Printers Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability allowing information disclosure exists in certain HP LaserJet Pro printers. This issue arises when a non-authenticated user queries the device's local address book. The vulnerability is present in specific printer models and can lead to unauthorized access to sensitive information.

Impact

Exploitation of this vulnerability could result in unauthorized access to the printer's local address book, potentially disclosing sensitive information.

Remediation

Users are advised to update their printer firmware. HP has provided firmware updates for affected products. To obtain the updated firmware, visit the HP Software and Driver Downloads page and search for your printer model.

Added: Jul 30, 2025, 5:48 PM

Updated: Jul 30, 2025, 5:48 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HP LaserJet Pro Printers Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

HP Color LaserJet MFP M478

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating