Reported by: TBA
hp-support-head-portlet
Actions
- ${title}
Loading...
HP Customer Support - Knowledge Base
hp-contact-secondary-navigation-portlet
Actions
- ${title}
Loading...
hp-share-print-widget-portlet
Actions
- ${title}
Loading...
hp-concentra-wrapper-portlet
Actions
- ${title}
Loading...
SUPPORT COMMUNICATION- SECURITY BULLETIN
Document ID: c06097712
Version: 5
HPSBHF03589 rev. 5 - HP Ink Printers Remote Code Execution
Notice: The information in this security bulletin should be acted upon as soon as possible.
Release date : 24-Jul-2018
Last updated : 18-Oct-2018
Two security vulnerabilities have been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack or static buffer overflow, which could allow remote code execution.
CVE-2018-5924, CVE-2018-5925, PSR-2018-0072
See RESOLUTION section.
For a PGP signed version of this security bulletin please write to: hp-security-alert@hp.com
CVSS 3.0 Base Metrics
|
Reference
|
Base Vector
|
Base Score
|
|
CVE-2018-5924
|
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
9.8 (Critical)
|
|
CVE-2018-5925
|
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
9.8 (Critical)
|
HP has provided firmware updates for impacted printers as set forth in the table below. To obtain the updated firmware, go to the
HP Software and Drivers page for your product and find the firmware update from the list of available software.
For guidance on how to update your product firmware, go to the
Upgrading Printer Firmware page and follow the instructions provided.
PageWide Pro
|
Product Name
|
Product Number
|
Firmware Revision
|
|
HP PageWide 352dw
|
J6U57B
|
001.1829A
|
|
HP PageWide Managed MFP P57750dw
|
J9V82A
J9V82B
J9V82C
J9V82D
|
001.1829A
|
|
HP PageWide Managed MFP P77740dn
|
Y3Z57
|
005.1828A
|
|
HP PageWide Managed MFP P77740dw
|
W1B33
|
005.1828A
|
|
HP PageWide Managed MFP P77740z
|
W1B39
|
005.1828A
|
|
HP PageWide Managed MFP P77750z
|
W1B37
|
005.1828A
|
|
HP PageWide Managed MFP P77760z
|
W1B38
|
005.1828A
|
|
HP PageWide Managed P55250dw
|
J6U55A
J6U55B
J6U55C
J6U55D
|
001.1829A
|
|
HP PageWide Managed P75050dn
|
Y3Z45
|
005.1828A
|
|
HP PageWide Managed P75050dw
|
Y3Z47
|
005.1828A
|
|
HP PageWide MFP 377dw
|
J9V80A
J9V80B
|
001.1829A
|
|
HP PageWide Pro 452dn
|
D3Q15A
D3Q15B
D3Q15D
|
001.1829A
|
|
HP PageWide Pro 552dw
|
D3Q17A
D3Q17C
D3Q17D
|
001.1829A
|
|
HP PageWide Pro 750dn
|
Y3Z46
|
005.1828A
|
|
HP PageWide Pro 750dw
|
Y3Z44
|
005.1828A
|
|
HP PageWide Pro MFP 477dn
|
D3Q19A
D3Q19D
|
001.1829A
|
|
HP PageWide Pro MFP 477dw
|
D3Q20A
D3Q20B
D3Q20C
D3Q20D
|
001.1829A
|
|
HP PageWide Pro MFP 577dw
|
D3Q21A
D3Q21C
D3Q21D
|
001.1829A
|
|
HP PageWide Pro MFP 577z
|
K9Z76A
K9Z76D
|
001.1829A
|
|
HP PageWide Pro MFP 772dn
|
W1B31
|
005.1828A
|
|
HP PageWide Pro MFP 772dw
|
Y3Z54
|
005.1828A
|
|
HP PageWide Pro 452dw
|
D3Q16A
D3Q16B
D3Q16C
D3Q16D
|
001.1829A
|
|
HP Officejet Pro X451dn Printer
|
CN459A
|
1829B
|
|
HP Officejet Pro X451dw Printer
|
CN463A
|
1829B
|
|
HP Officejet Pro X476dn MFP
|
CN460A
|
1829B
|
|
HP Officejet Pro X476dw MFP
|
CN461A
|
1829B
|
|
HP Officejet Pro X551dw Printer
|
CV037A
|
1829B
|
|
HP Officejet Pro X576dw MFP
|
CN598A
|
1829B
|
HP DesignJet
|
Product Name
|
Product Number
|
Firmware Revision
|
|
HP DesignJet rugged case
|
N9M07A
|
1829A
|
|
HP Designjet T120 24-in ePrinter
|
CQ891A
|
1829B
|
|
HP Designjet T120 24-in Printer
|
CQ891B
|
1829B
|
|
HP Designjet T120 24-in Printer (2018 edition)
|
CQ891C
|
1829B
|
|
HP Designjet T120 24-in Rmkt ePrinter
|
CQ891AR
|
1829B
|
|
HP Designjet T520 24-in ePrinter
|
CQ890A
|
1829B
|
|
HP Designjet T520 24-in Printer
|
CQ890B
|
1829B
|
|
HP Designjet T520 24-in Printer (2018 edition)
|
CQ890C
|
1829B
|
|
HP Designjet T520 24-in Printer (2018 edition)
|
CQ890D
|
1829B
|
|
HP Designjet T520 24-in Printer (2018 edition, legless)
|
CQ890E
|
1829B
|
|
HP Designjet T520 24-in Rmkt ePrinter
|
CQ890AR
|
1829B
|
|
HP Designjet T520 36-in ePrinter
|
CQ893A
|
1829B
|
|
HP Designjet T520 36-in Printer
|
CQ893B
|
1829B
|
|
HP Designjet T520 36-in Printer (2018 edition)
|
CQ893C
|
1829B
|
|
HP Designjet T520 36-in Printer (2018 edition, legless)
|
CQ893E
|
1829B
|
|
HP Designjet T520 36-in Rmkt ePrinter
|
CQ893AR
|
1829B
|
|
HP DesignJet T730 36in Printer
|
F9A29A
|
1829A
|
|
HP DesignJet T730 36in Printer
|
F9A29B
|
1829A
|
|
HP Designjet T730 with Rugged Case
|
T5D66A
|
1829A
|
|
HP DesignJet T830 24in eMFP Printer
|
F9A28A
|
1829A
|
|
HP DesignJet T830 24-in MFP Printer
|
F9A28B
|
1829A
|
|
HP DesignJet T830 MFP with Armor Case
|
1JL02B
|
1829A
|
|
HP DesignJet T830 MFP with Armour Case
|
1JL02A
|
1829A
|
|
HP DesignJet T830 MFP with Rugged Case
|
T5D67A
|
1829A
|
HP Officejet, HP Deskjet and HP Envy
|
Product Name
|
Product Number
|
Firmware Revision
|
|
HP AMP 100 Printer series
|
T8X39 - T8X44
1SH08
3AW44A - 3AW51A
|
1828A
|
|
HP Deskjet 2540 All-in-One series
|
A9U19A - A9U28B
D3A78B - D3A82A
|
1828B
|
|
HP DeskJet 2600 All-in-One Printer series
|
4UJ28B
V1N01A - V1N08A
Y5H60A - Y5H80A
|
1828A
|
|
HP Deskjet 2620 Ink Advantage series
|
D4H22A - D4H24B
|
1826A
|
|
HP Deskjet 3540 series
|
A9T81A
A9T81C
A9T83B
|
1828A
|
|
HP DeskJet 3630 series
|
F5S43A - F5S57A
K4T93A - K4T99B
K4U00B - K4U04B
|
1829A
|
|
HP DeskJet 3700 All-in-One Printer series
|
J9V86A - J9V96A
T8W51A - T8W73A
|
1828A
|
|
HP Deskjet 4510 series
|
A9J41 - A9J43
|
1828B
|
|
HP DeskJet 4530 series
|
F0V64 - F0V66
J6U63
W3U23 - W3U24
|
1827B
|
|
HP DeskJet 4720 series
|
F5S65A - F5S66A
L8L91A
|
1829A
|
|
HP DeskJet 5000 series
|
M2U86 - M2U90
|
1828A
|
|
HP DeskJet 5275 All-in-One Printer
|
M2U76 - M2U80
|
1828A
|
|
HP DeskJet 5640 series
|
B9S57C
|
1831A
|
|
HP DeskJet 5730 series
|
F5S60A - F5S61A
T0A23A - T0A25A
|
1829A
|
|
HP DeskJet GT 5820 All-in-One Printer series
|
M2Q28A
P0R21A
X3B09A
2ND31A
|
1829A
|
|
HP Deskjet Ink Advantage 2540 All-in-One
|
A9U23 - A9U28
|
1828B
|
|
HP DeskJet Ink Advantage 2600 All-in-One Printer
|
V1N02A - V1N02C
Y5Z00A - Y5Z07B
|
1828A
|
|
HP DeskJet Ink Advantage 3630 All-in-One Printer
|
F5S43 - F5S57
K9U05B
|
1829A
|
|
HP DeskJet Ink Advantage 3700 All-in-One Printer series
|
1DT61A - 1DT62A
3YZ74A - 3YZ75A
4SC29A - 4SC30A
J9V87A - J9V89B
T8W35A - T8W50C
|
1828A
|
|
HP Deskjet Ink Advantage 3830 e-All-in-One Printer
|
F5R96A - F5R98B
K7V42C - K7V43C
|
1830A
|
|
HP Deskjet Ink Advantage 4615 All-in-One Printer
|
CZ283A - CZ283C
|
1829A
|
|
HP Deskjet Ink Advantage 4625 e-All-in-One
|
CZ284A - CZ284C
|
1829A
|
|
HP Deskjet Ink Advantage 4640 e-All-in-One Printer series
|
B4L08A - B4L10A
|
1830A
|
|
HP DeskJet Ink Advantage 4670 All-in-One Printer
|
F1H97 - F1H199
|
1830A
|
|
HP Deskjet Ink Advantage 5525 e-All-in-One
|
CZ282A - CZ282C
|
1828B
|
|
HP DeskJet Ink Advantage 5570 All-in-One printer
|
G0V48B
G0V48C
|
1831A
|
|
HP Deskjet Ink Advantage 6525 e-All-in-One
|
CZ276A - CZ76C
|
1828B
|
|
HP Envy 120 Series
|
CQ176 - CQ190
|
1827A
|
|
HP ENVY 4500 series
|
A9T80A
A9T80B
A9T89A
D3P93A
|
1828A
|
|
HP ENVY 4510 All-in-One Printer
|
K9H48 - K9H57
|
1827B
|
|
HP ENVY 4520 series
|
F0V63
F0V67 - F0V74
K9T01 - K9T10
J6U59 - J6U62
J6U69 - J6U70
K9H57
W3U25 - W3U27
|
1827B
|
|
HP ENVY 5000 series
|
M2U85
M2U91-M2U94
Z4A54 - Z4A78
|
1828A
|
|
HP ENVY 5530 series
|
A9J40A - A9J48B
D4J85B - D4J86B
|
1828B
|
|
HP ENVY 5540 All-in-One Printer
|
G0V47
G0450 - G0V56
K7C84 - K7C93
K7G86 - K7G90
|
1831A
|
|
HP ENVY 5640 series
|
B9S56A
B9S58A - B9S65A
F8B05A
F8B13A
|
1830B
|
|
HP ENVY 5660 series
|
F8B04A
F8B06A - F8B08A
F8B12A
|
1830B
|
|
HP ENVY 7640 series
|
E4W43-E4W48
|
1830A
|
|
HP ENVY Photo 7800 All-in-One Printer series
|
K7R96A
K7S00 - K7S10
Y0G42 - Y0G52
|
1829A
|
|
HP ENVY Photo 6200 All-in-One Printer series
|
K7G18A-K7G29A
|
1829D
|
|
HP ENVY Photo 7100 All-in-One Printer series
|
K7G93A-K7G99
|
1829D
|
|
HP Ink Tank 310
|
Z6Z11A
|
1737J
1805J
|
|
HP Ink Tank Wireless 410
|
Z4B53A - Z4B55A
Z6Z95A
Z6Z97A
|
1737J
1805J
|
|
HP OfficeJet 200 Mobile series
|
CZ993A
L9B95A
|
1827A
|
|
HP OfficeJet 202 Mobile series
|
N4L14C
N4K99C
|
1827A
|
|
HP OfficeJet 250 Mobile All-in-One Printer series
|
CZ992A
L9D57A
N4L17A
|
1828A
|
|
HP OfficeJet 252 Mobile All-in-One
|
N4L18C
|
1828A
|
|
HP Officejet 2620 series
|
D4H21A - D4H21B
D4H25A - D4H29B
|
1826A
|
|
HP Officejet 3830 e-All-in-One Printer
|
F5R95
F5S00 - F5S04
K7V35 - K7V49
|
1830A
|
|
HP Officejet 4610 e-All-in-One Printer
|
CR771A
|
1829A
|
|
HP Officejet 4620 e-All-in-One Printer
|
CZ152A - CZ152C
|
1829A
|
|
HP Officejet 4622 e-All-in-One Printer
|
CZ294A - CZ296B
|
1829A
|
|
HP Officejet 4630 e-All-in-One Printer series
|
B4L03 - B4L07A
D4J74 - D4J78
|
1830A
|
|
HP OfficeJet 4650 All-in-One Printer
|
F1H96
F1J00 - F1J07
F9D36 - F9D38
K9V76 - K9V85
V6D27- V6D32
|
1830A
|
|
HP OfficeJet 5200 All-in-One Printer
|
M2U75
M2U81-M2U84
Z4B12 - Z4B36
|
1828A
|
|
HP Officejet 5740 series
|
B9S76-B9S85
F8B09-F8B11
T1P36-T1P38
|
1830A
|
|
HP Officejet 6220 / HP Officejet Pro 6230 ePrinter
|
E3E03A
C9S13A
|
1827A
|
|
HP OfficeJet 6600 e-All-in-One
|
CN581A
|
1827D
|
|
HP OfficeJet 6700 Premium e-All-in-One
|
CN583A
|
1827D
|
|
HP Officejet 6810/6820 e-All-in-One Printer
|
F0M65A
G1W52A
|
1828A
|
|
HP OfficeJet 6950 All-in-One
|
P4C78A - P4C87A
T3P03A
T3P04A
|
1828A
|
|
HP OfficeJet 6960 All-in-One
HP OfficeJet Pro 6960 All-in-One
|
J7K33A - J7K39A
T0F28A - T0F38A
T0G25A - T0G26A
|
1828A
|
|
HP Officejet 7110 Wide Format ePrinter
|
CR768A
|
1827A
|
|
HP Officejet 7510 Wide Format All-in-One Printer
|
G3J47A
|
1829A
|
|
HP Officejet 7610 series Wide Format e-All-in-One Printer
|
CR769A
|
1828B
|
|
HP Officejet 7612 Wide Format e-All-in-One
|
G1X85A
|
1829A
|
|
HP Officejet Pro 251dw Printer
|
CV136A
|
1828A
|
|
HP Officejet Pro 276dw Multifunction Printer
|
CR7770A
|
1829A
|
|
HP Officejet Pro 3610 Black and White Printer
|
CZ292A
|
1828A
|
|
HP Officejet Pro 3620 Black and White Printer
|
CZ293A
|
1828A
|
|
HP Officejet Pro 6830 e-All-in-One Printer
|
E3E02A
J2D37A
|
1828A
|
|
HP OfficeJet Pro 6970 All-in-One Printer
|
J7K34A - J7K42A
T0F29A - T0F40A
|
1828A
|
|
HP OfficeJet Pro 7720 Wide Format All-in-One
|
Y0S18A
|
1830A
|
|
HP OfficeJet Pro 7730 Wide Format All-in-One
|
Y0S19A
|
1830A
|
|
HP OfficeJet Pro 7740 Wide Format All-in-One
|
G5J38A
T1P99
T1Q00 - T1Q02
|
1828A
|
|
HP OfficeJet Pro 8210 Printer
HP OfficeJet Pro 8216
|
D9L63A
D9L64A
T0G70A
J3P68A
|
1827B
|
|
HP OfficeJet Pro 8600 e-All-in-One
|
CM749A
|
1829A
|
|
HP OfficeJet Pro 8600 Plus e-All-in-One
|
CM750A
|
1829A
|
|
HP OfficeJet Pro 8600 Premium e-All-in-One
|
CN577A
|
1829A
|
|
HP Officejet Pro 8610 e-All-in-One Printer
|
A7F64A
D7Z36A
E1D34A
J5T77A
T0K98A
|
1828A
|
|
HP Officejet Pro 8620 e-All-in-One Printer
|
A7F65A
D7Z37A
|
1828A
|
|
HP Officejet Pro 8630 e-All-in-One Printer
|
A7F66A
|
1828A
|
|
HP Officejet Pro 8640 e-All-in-One Printer
|
E2D42A
|
1828B
|
|
HP Officejet Pro 8660 e-All-in-One Printer
|
E1D36A
|
1828A
|
|
HP OfficeJet Pro 8710 All-in-One Printer
|
D9L18A
J6X76A - J6X78A
J6X80A - J6X81A
K7S37A - K7S38A
M9L65A - M9L66A
M9L70A
M9L81A
T0G45A - T0G49A
|
1828A
|
|
HP OfficeJet Pro 8720 All-in-One Printer
|
D9L19A
J7A28A
J7A31A
K7S34A - K7S36A
M9L73A - M9L75A
M9L80A
T0G50A - T0G51A
T0G54A
T6T77A
|
1828A
|
|
HP OfficeJet Pro 8730
|
D9L20A
|
1827B
|
|
HP OfficeJet Pro 8732M All-in-One Printer
|
T0G56A - T0G59A
|
1827A
|
|
HP OfficeJet Pro 8740
|
K7S42A
|
1827B
|
|
HP Photosmart 5510 series
|
CQ176A-CQ184A
|
1832A
|
|
HP Photosmart 5510 series (Asian Keyboard)
|
CQ176A-CQ184A
|
1829A
|
|
HP Photosmart 5510d series
|
CQ183A-CQ183C
|
1829B
|
|
HP Photosmart 5520 series e-All-in-One
HP Photosmart 5521 e-All-in-One
HP Photosmart 5522 e-All-in-One
HP Photosmart 5524 e-All-in-One
HP Photosmart 5525 e-All-in-One
|
CX042 - CX049
|
1828B
|
|
HP Photosmart 6510 series
|
CQ761A-CQ764C
|
1829B
|
|
HP Photosmart 6520 e-All-in-One
|
CX017A - CX021C
|
1828B
|
|
HP Photosmart 7520 series
|
CZ025A
CZ045A - CZ046A
|
1830A
|
|
HP Photosmart Plus All-in-One B210 series
|
CN216A - CN223A
|
1829A
|
|
HP Smart Tank Wireless 450
|
Z4B07A
Z4B56A
|
1737J
1805J
|
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, visit
https://www.hp.com/go/contacthp to learn about your HP support options.
Report: To report a potential security vulnerability with any HP supported product, send email to:
hp-security-alert@hp.com.
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via email, visit
https://www.hp.com/go/alerts.
Security Bulletin Archive: To view released Security Bulletins, search the
HP Support Site for "security bulletin".
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
|
PI
|
HP Printing and Imaging
|
|
HF
|
HP Hardware and Firmware
|
|
GN
|
HP General Software
|
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
Subject: get key
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
REVISION HISTORY :
1 August 2018: Initial Release. 2 August 2018: Updated product table. 10 August 2018: Updated product table. 13 August 2018: Updated product table. 18 October 2018: Updated product table.
© Copyright 2023 HP Development Company, L.P.
HP Inc. shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. HP Inc. and the names of HP products referenced herein are trademarks of HP Inc. in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Additional support options
{{#each this}}
{{#if (eq ../this.length 3)}}
{{else if (eq ../this.length 2)}}
{{else}}
{{/if}}
{{/each}}
hp-feedback-input-portlet
Actions
- ${title}
Loading...
hp-feedback-banner-portlet
Actions
- ${title}
Loading...
hp-country-locator-portlet
Actions
- ${title}
Loading...
Country/Region:
India
India
hp-detect-load-my-device-portlet
Actions
- ${title}
Loading...
hp-hero-support-search
Actions
- ${title}
Loading...
