CVE-2025-26508 HIGH

CVE-2025-26508: Certain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers – Potential Remote Code Execution and Potential Elevation of Privilege

Vendor Hp, Inc.
Product Certain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers
Weakness CWE-787
Published February 14, 2025
Last update February 14, 2025

CVSS base score

8.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.

Key dates

02Disclosure timeline

February 14, 2025 CVE published
February 14, 2025 Record updated