CVE-2019-18912 — HIGH (7.8)

Q: How severe is CVE-2019-18912?

CVE-2019-18912 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-18912?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Futuresmart 4, Hp Laserjet Enterprise M507 1Pv86A, Hp Laserjet Enterprise M507 1Pv87A, Hp Laserjet Enterprise M507 1Pv89A, Hp Laserjet Enterprise M607 K0Q14A.

Vulnerability Description

A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the solution.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Hp	Futuresmart 4	< 2409065_000092
Hp	Laserjet Enterprise M507 1Pv86A	-
Hp	Laserjet Enterprise M507 1Pv87A	-
Hp	Laserjet Enterprise M507 1Pv89A	-
Hp	Laserjet Enterprise M607 K0Q14A	-
Hp	Laserjet Enterprise M607 K0Q15A	-
Hp	Laserjet Enterprise M608 K0Q17A	-
Hp	Laserjet Enterprise M608 K0Q18A	-
Hp	Laserjet Enterprise M608 K0Q19A	-
Hp	Laserjet Enterprise M609 K0Q20A	-
Hp	Laserjet Enterprise M609 K0Q21A	-
Hp	Laserjet Enterprise M609 K0Q22A	-
Hp	Laserjet Enterprise M806 Cz244A	-
Hp	Laserjet Enterprise M806 Cz245A	-
Hp	Laserjet Enterprise Flow Mfp M527 F2A78V	-
Hp	Laserjet Enterprise Flow Mfp M527 F2A79A	-
Hp	Laserjet Enterprise Flow Mfp M527 F2A80A	-
Hp	Laserjet Enterprise Mfp M527 F2A76A	-
Hp	Laserjet Enterprise Mfp M527 F2A77A	-
Hp	Laserjet Enterprise Mfp M527 F2A81A	-

References

https://support.hp.com/us-en/document/c06513924Vendor Advisory
https://support.hp.com/us-en/document/c06513924Vendor Advisory

FAQ

What is CVE-2019-18912?

CVE-2019-18912 is a vulnerability with a CVSS score of 7.8 (HIGH). A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential...

How severe is CVE-2019-18912?

CVE-2019-18912 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-18912?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Futuresmart 4, Hp Laserjet Enterprise M507 1Pv86A, Hp Laserjet Enterprise M507 1Pv87A, Hp Laserjet Enterprise M507 1Pv89A, Hp Laserjet Enterprise M607 K0Q14A.