CVE-2025-3508

MEDIUM

HP DesignJet Firmware - Unauthenticated Exposure of Sensitive Print Job Information

Title source: llm

Description

Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.

References (1)

Core 1

Core References

Various Sources

https://support.hp.com/us-en/document/ish_12798086-12798125-16/hpsbpi04039

Scores

CVSS v3 6.5

EPSS 0.0013

EPSS Percentile 32.7%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (50)

hp/1vd83a_firmware < jgrp_09_25_22.1

hp/1vd84a_firmware < jgrp_09_25_22.1

hp/1vd85a_firmware < jgrp_09_25_22.1

hp/1vd86a_firmware < jgrp_09_25_22.1

hp/1vd87a_firmware < jgrw_09_25_22.1

hp/1vd87f_firmware < jgrw_09_25_22.1

hp/1vd88a_firmware < jgrw_09_25_22.1

hp/1vd88b_firmware < jgrw_09_25_22.1

hp/1vd88f_firmware < jgrw_09_25_22.1

hp/t8w15a_firmware < jgr6_09_25_22.1

... and 40 more

Published Jul 25, 2025

Tracked Since Feb 18, 2026