CVE-2020-28419

HIGH

Driver Software/Application Packages - Code Injection

Title source: llm
STIX 2.1

Description

During installation with certain driver software or application packages an arbitrary code execution could occur.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.hp.com/us-en/document/c07058567

Scores

CVSS v3 8.8
EPSS 0.0078
EPSS Percentile 73.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (50)
hp/_laserjet_managed_mfp_e62665_firmware < 49.1.4424
hp/color_laserjet_cm4540_mfp_firmware < 61.111.01.9108
hp/color_laserjet_enterprise_flow_mfp_m577_firmware < 16.0.19233.658
hp/color_laserjet_enterprise_flow_mfp_m680_firmware < 10.0.15324.199
hp/color_laserjet_enterprise_flow_mfp_m880z_firmware < 11.0.19232.882
hp/color_laserjet_enterprise_m455_firmware < 52.1.4899
hp/color_laserjet_enterprise_m552_firmware < 14.0.19241.351
hp/color_laserjet_enterprise_m553_firmware < 14.0.19232.485
hp/color_laserjet_enterprise_m651_firmware < 10.0.16007.5
hp/color_laserjet_enterprise_m750_firmware < 9.0.15316.203
... and 40 more
Published Nov 09, 2021
Tracked Since Feb 18, 2026