CVE-2018-5923 — CRITICAL (9.8)

Q: What is CVE-2018-5923?

CVE-2018-5923 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.

Q: How severe is CVE-2018-5923?

CVE-2018-5923 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2018-5923?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Color Laserjet Cm4540 Mfp Firmware, Hp Color Laserjet Cm4540 Mfp, Hp Color Laserjet Cp5525 Firmware, Hp Color Laserjet Cp5525, Hp Color Laserjet Enterprise Flow Mfp M681F Firmware.

Vulnerability Description

In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Hp	Color Laserjet Cm4540 Mfp Firmware	< 2308974_579754
Hp	Color Laserjet Cm4540 Mfp	-
Hp	Color Laserjet Cp5525 Firmware	< 2308974_579753
Hp	Color Laserjet Cp5525	-
Hp	Color Laserjet Enterprise Flow Mfp M681F Firmware	< 2406087_000017
Hp	Color Laserjet Enterprise Flow Mfp M681F	-
Hp	Color Laserjet Enterprise Flow Mfp M681Z Firmware	< 2406087_000017
Hp	Color Laserjet Enterprise Flow Mfp M681Z	-
Hp	Color Laserjet Enterprise Flow Mfp M682Z Firmware	< 2406087_000017
Hp	Color Laserjet Enterprise Flow Mfp M682Z	-
Hp	Color Laserjet Enterprise M552 Firmware	< 2308974_579763
Hp	Color Laserjet Enterprise M552	-
Hp	Color Laserjet Enterprise M553 Firmware	< 2308974_579763
Hp	Color Laserjet Enterprise M553	-
Hp	Color Laserjet Enterprise M651 Firmware	< 2406048_029632
Hp	Color Laserjet Enterprise M651	-
Hp	Color Laserjet Enterprise M652N Firmware	< 2406087_000016
Hp	Color Laserjet Enterprise M652N	-
Hp	Color Laserjet Enterprise M652Dn Firmware	< 2406087_000016
Hp	Color Laserjet Enterprise M652Dn	-

Related Weaknesses (CWE)

CWE-347

References

https://support.hp.com/us-en/document/c06169434Vendor Advisory
https://support.hp.com/us-en/document/c06169434Vendor Advisory

FAQ

What is CVE-2018-5923?

CVE-2018-5923 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.

How severe is CVE-2018-5923?

CVE-2018-5923 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-5923?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Color Laserjet Cm4540 Mfp Firmware, Hp Color Laserjet Cm4540 Mfp, Hp Color Laserjet Cp5525 Firmware, Hp Color Laserjet Cp5525, Hp Color Laserjet Enterprise Flow Mfp M681F Firmware.