CVE-2018-5923
CRITICALHP Color LaserJet CM4540 MFP Firmware < 2308974_579754 - Arbitrary Code Execution via Improper Signature Verification
Title source: llmDescription
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.hp.com/us-en/document/c06169434
Scores
CVSS v3
9.8
EPSS
0.0154
EPSS Percentile
81.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-347
Status
published
Products (50)
hp/color_laserjet_cm4540_mfp_firmware
< 2308974_579754
hp/color_laserjet_cp5525_firmware
< 2308974_579753
hp/color_laserjet_enterprise_flow_mfp_m681f_firmware
< 2406087_000017
hp/color_laserjet_enterprise_flow_mfp_m681z_firmware
< 2406087_000017
hp/color_laserjet_enterprise_flow_mfp_m682z_firmware
< 2406087_000017
hp/color_laserjet_enterprise_m552_firmware
< 2308974_579763
hp/color_laserjet_enterprise_m553_firmware
< 2308974_579763
hp/color_laserjet_enterprise_m651_firmware
< 2406048_029632
hp/color_laserjet_enterprise_m652dn_firmware
< 2406087_000016
hp/color_laserjet_enterprise_m652n_firmware
< 2406087_000016
... and 40 more
Published
Mar 27, 2019
Tracked Since
Feb 18, 2026