CVE-2019-6318 — CRITICAL (9.8)

Q: How severe is CVE-2019-6318?

CVE-2019-6318 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2019-6318?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Color Laserjet Cm4540 Mfp Firmware, Hp Color Laserjet Cm4540 Mfp, Hp Color Laserjet Enterprise Cp5525 Firmware, Hp Color Laserjet Enterprise Cp5525, Hp Color Laserjet Enterprise M553 Firmware.

Vulnerability Description

HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Hp	Color Laserjet Cm4540 Mfp Firmware	< 2309010_581401
Hp	Color Laserjet Cm4540 Mfp	-
Hp	Color Laserjet Enterprise Cp5525 Firmware	< 2309010_581402
Hp	Color Laserjet Enterprise Cp5525	-
Hp	Color Laserjet Enterprise M553 Firmware	< 2309010_581409
Hp	Color Laserjet Enterprise M553	-
Hp	Color Laserjet Enterprise M552 Firmware	< 2309010_581409
Hp	Color Laserjet Enterprise M552	-
Hp	Color Laserjet Managed M553 Firmware	< 2309010_581409
Hp	Color Laserjet Managed M553	-
Hp	Color Laserjet Enterprise M651 Firmware	< 2309010_581418
Hp	Color Laserjet Enterprise M651	-
Hp	Color Laserjet Managed M651 Firmware	< 2309010_581418
Hp	Color Laserjet Managed M651	-
Hp	Color Laserjet Enterprise M652 Firmware	< 2407081_000586
Hp	Color Laserjet Enterprise M652	-
Hp	Color Laserjet Enterprise M653 Firmware	< 2407081_000586
Hp	Color Laserjet Enterprise M653	-
Hp	Color Laserjet Enterprise M750 Firmware	< 2309010_581423
Hp	Color Laserjet Enterprise M750	-

Related Weaknesses (CWE)

CWE-347

References

https://support.hp.com/us-en/document/c06265454Vendor Advisory
https://support.hp.com/us-en/document/c06265454Vendor Advisory

FAQ

What is CVE-2019-6318?

CVE-2019-6318 is a vulnerability with a CVSS score of 9.8 (CRITICAL). HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentia...

How severe is CVE-2019-6318?

CVE-2019-6318 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-6318?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Color Laserjet Cm4540 Mfp Firmware, Hp Color Laserjet Cm4540 Mfp, Hp Color Laserjet Enterprise Cp5525 Firmware, Hp Color Laserjet Enterprise Cp5525, Hp Color Laserjet Enterprise M553 Firmware.