CVE-2019-16240 — CRITICAL (9.1)

Q: How severe is CVE-2019-16240?

CVE-2019-16240 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2019-16240?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Pagewide Pro 577Z K9Z76A Firmware, Hp Pagewide Pro 577Z K9Z76A, Hp Pagewide Pro 577Z K9Z76B Firmware, Hp Pagewide Pro 577Z K9Z76B, Hp Pagewide Pro 577Z K9Z76D Firmware.

Vulnerability Description

A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Hp	Pagewide Pro 577Z K9Z76A Firmware	< 001.1937d
Hp	Pagewide Pro 577Z K9Z76A	-
Hp	Pagewide Pro 577Z K9Z76B Firmware	< 001.1937d
Hp	Pagewide Pro 577Z K9Z76B	-
Hp	Pagewide Pro 577Z K9Z76D Firmware	< 001.1937d
Hp	Pagewide Pro 577Z K9Z76D	-
Hp	Pagewide Pro 577Dw D3Q21A Firmware	< 001.1937d
Hp	Pagewide Pro 577Dw D3Q21A	-
Hp	Pagewide Pro 577Dw D3Q21B Firmware	< 001.1937d
Hp	Pagewide Pro 577Dw D3Q21B	-
Hp	Pagewide Pro 577Dw D3Q21C Firmware	< 001.1937d
Hp	Pagewide Pro 577Dw D3Q21C	-
Hp	Pagewide Pro 577Dw D3Q21D Firmware	< 001.1937d
Hp	Pagewide Pro 577Dw D3Q21D	-
Hp	Pagewide Pro 552Dw 2Dr21D Firmware	< 001.1937d
Hp	Pagewide Pro 552Dw 2Dr21D	-
Hp	Pagewide Pro 552Dw D3Q17A Firmware	< 001.1937d
Hp	Pagewide Pro 552Dw D3Q17A	-
Hp	Pagewide Pro 552Dw D3Q17D Firmware	< 001.1937d
Hp	Pagewide Pro 552Dw D3Q17D	-

Related Weaknesses (CWE)

CWE-120

References

https://support.hp.com/us-en/document/c06458150Vendor Advisory
https://support.hp.com/us-en/document/c06458150Vendor Advisory

FAQ

What is CVE-2019-16240?

CVE-2019-16240 is a vulnerability with a CVSS score of 9.1 (CRITICAL). A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A malici...

How severe is CVE-2019-16240?

CVE-2019-16240 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-16240?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Pagewide Pro 577Z K9Z76A Firmware, Hp Pagewide Pro 577Z K9Z76A, Hp Pagewide Pro 577Z K9Z76B Firmware, Hp Pagewide Pro 577Z K9Z76B, Hp Pagewide Pro 577Z K9Z76D Firmware.