CVE-2023-1526

MEDIUM

HP DesignJet/PageWide XL - Info Disclosure

Title source: llm

Description

Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hp.com/us-en/document/ish_7869666-7869691-16/hpsbpi03837

Scores

CVSS v3 4.6

EPSS 0.0006

EPSS Percentile 19.6%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (10)

hp/designjet_z6_firmware < jgr6_09_22_51.2

hp/designjet_z6dr_firmware < jgr6_09_22_51.2

hp/designjet_z9\+_pro_firmware

hp/designjet_z9_firmware < jgr9_09_22_51.2

hp/designjet_z9dr_firmware < jgr9_09_22_51.2

hp/pagewide_xl_4100 _firmware

hp/pagewide_xl_4500 _firmware

hp/pagewide_xl_4600 _firmware

hp/pagewide_xl_4700 _firmware

hp/pagewide_xl_8000 _firmware

Published Apr 28, 2023

Tracked Since Feb 18, 2026