FKIE_CVE-2025-1004
Vulnerability from fkie_nvd - Published: 2025-02-06 21:15 - Updated: 2026-02-24 14:39
Severity ?
Summary
Certain HP LaserJet Pro printers may potentially
experience a denial of service when a user sends a raw JPEG file to the printer
via IPP (Internet Printing Protocol).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | g3q78a_firmware | * | |
| hp | g3q78a | - | |
| hp | g3q79a_firmware | * | |
| hp | g3q79a | - | |
| hp | q3q75a_firmware | * | |
| hp | q3q75a | - | |
| hp | g3q74a_firmware | * | |
| hp | g3q74a | - | |
| hp | g3q77a_firmware | * | |
| hp | g3q77a | - | |
| hp | g3q76a_firmware | * | |
| hp | g3q76a | - | |
| hp | 4pa41a_firmware | * | |
| hp | 4pa41a | - | |
| hp | 4pa42a_firmware | * | |
| hp | 4pa42a | - | |
| hp | 4pa43a_firmware | * | |
| hp | 4pa43a | - | |
| hp | 4pa44a_firmware | * | |
| hp | 4pa44a | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:g3q78a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4749D9B-36EE-42C2-8D1C-BE4AFF28AD33",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:g3q78a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E9E233-B91F-4208-89C8-586C805A1CD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:g3q79a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C70BE5-DBE3-423F-9B33-300742BCBB7A",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:g3q79a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B650768-511C-47BE-9B5F-DE733C22CCF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:q3q75a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35985676-B958-49E2-99C0-65D0093CA466",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:q3q75a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD89FEF5-FA14-4788-9B0B-F8D58238FA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:g3q74a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5B418-FEDB-4412-B99A-28431228352E",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:g3q74a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D04930AF-83A2-4F0F-B979-780F180D5B34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:g3q77a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B8843D-0940-41F2-94D8-0EB2F698C23A",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:g3q77a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06013139-0D54-4083-B8A0-CC9147280406",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:g3q76a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C975C0-E971-435E-B9FC-FE7EB380523E",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:g3q76a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00616899-A4AF-4933-97D5-10A59D13E845",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:4pa41a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C87A6B-3240-4E90-B593-FE2F61FB16DE",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:4pa41a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF199ADA-DEF2-4BDD-BFF7-01A32B4D8FF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:4pa42a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFEB8F6-B011-413B-B6FB-0E3309E2A16D",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:4pa42a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "923A1007-3596-4523-BF73-C836D6DE011E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:4pa43a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "693A9E62-20A9-40B6-8302-C40A49705738",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:4pa43a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F19662-D2AC-49D7-A2C4-550AA3AA8059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:4pa44a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69F74021-D13C-452D-8C28-7EA2CEA7F4D0",
"versionEndExcluding": "2024-10-25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:4pa44a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F09B7EBE-157A-4F37-AE83-9856C632AFEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro printers may potentially\nexperience a denial of service when a user sends a raw JPEG file to the printer\nvia IPP (Internet Printing Protocol)."
},
{
"lang": "es",
"value": "Es posible que algunas impresoras HP LaserJet Pro experimenten una denegaci\u00f3n de servicio cuando un usuario env\u00eda un archivo JPEG sin procesar a la impresora a trav\u00e9s de IPP (Protocolo de impresi\u00f3n de Internet)."
}
],
"id": "CVE-2025-1004",
"lastModified": "2026-02-24T14:39:49.353",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "hp-security-alert@hp.com",
"type": "Secondary"
}
]
},
"published": "2025-02-06T21:15:22.247",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/au-en/document/ish_11927586-11927615-16/hpsbpi03998"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-241"
}
],
"source": "hp-security-alert@hp.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…