1. Home
  2. CVE Database
  3. CVE-2021-3942
CRITICAL · 9.8

CVE-2021-3942

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

Vulnerability Description

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
HpColor Laserjet Cm4540 Mfp Cc419A Firmware>= 3.0, < 3.9.9
HpColor Laserjet Cm4540 Mfp Cc419A-
HpColor Laserjet Cm4540 Mfp Cc420A Firmware>= 3.0, < 3.9.9
HpColor Laserjet Cm4540 Mfp Cc420A-
HpColor Laserjet Cm4540 Mfp Cc421A Firmware>= 3.0, < 3.9.9
HpColor Laserjet Cm4540 Mfp Cc421A-
HpColor Laserjet Cm5525 Mfp Ce707A Firmware>= 3.0, < 3.9.9
HpColor Laserjet Cm5525 Mfp Ce707A-
HpColor Laserjet Cm5525 Mfp Ce708A Firmware>= 3.0, < 3.9.9
HpColor Laserjet Cm5525 Mfp Ce708A-
HpColor Laserjet Cm5525 Mfp Ce709A Firmware>= 3.0, < 3.9.9
HpColor Laserjet Cm5525 Mfp Ce709A-
HpColor Laserjet M578 Mfp 7Zu85A Firmware>= 4.0, < 4.11.2.3
HpColor Laserjet M578 Mfp 7Zu85A-
HpColor Laserjet M578 Mfp 7Zu86A Firmware>= 4.0, < 4.11.2.3
HpColor Laserjet M578 Mfp 7Zu86A-
HpColor Laserjet M578 Mfp 7Zu87A Firmware>= 4.0, < 4.11.2.3
HpColor Laserjet M578 Mfp 7Zu87A-
HpColor Laserjet M578 Mfp 7Zu88A Firmware>= 4.0, < 4.11.2.3
HpColor Laserjet M578 Mfp 7Zu88A-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2021-3942?

CVE-2021-3942 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

How severe is CVE-2021-3942?

CVE-2021-3942 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2021-3942?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Color Laserjet Cm4540 Mfp Cc419A Firmware, Hp Color Laserjet Cm4540 Mfp Cc419A, Hp Color Laserjet Cm4540 Mfp Cc420A Firmware, Hp Color Laserjet Cm4540 Mfp Cc420A, Hp Color Laserjet Cm4540 Mfp Cc421A Firmware.