CVE-2021-3942

CRITICAL

HP Color LaserJet CM4540 MFP CC419A Firmware 3.0-3.9.8 - Remote Code Execution and Buffer Overflow via LLMNR

Title source: llm

Description

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780

Scores

CVSS v3 9.8

EPSS 0.0073

EPSS Percentile 72.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-119

Status published

Products (50)

hp/color_laserjet_cm4540_mfp_cc419a_firmware 3.0 - 3.9.9

hp/color_laserjet_cm4540_mfp_cc420a_firmware 3.0 - 3.9.9

hp/color_laserjet_cm4540_mfp_cc421a_firmware 3.0 - 3.9.9

hp/color_laserjet_cm5525_mfp_ce707a_firmware 3.0 - 3.9.9

hp/color_laserjet_cm5525_mfp_ce708a_firmware 3.0 - 3.9.9

hp/color_laserjet_cm5525_mfp_ce709a_firmware 3.0 - 3.9.9

hp/color_laserjet_enterprise_flow_mfp_m577_b5l46a_firmware

hp/color_laserjet_enterprise_flow_mfp_m577_b5l47a_firmware

hp/color_laserjet_enterprise_flow_mfp_m577_b5l48a_firmware

hp/color_laserjet_enterprise_flow_mfp_m577_b5l54a_firmware

... and 40 more

Published Dec 12, 2022

Tracked Since Feb 18, 2026