NVD disclosure day

Published threat advisories for March 23, 2022

CVE advisoryCRITICAL

CVE-2022-24293

HP LaserJet Firmware Information Disclosure and Remote Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Certain HP print devices are susceptible to vulnerabilities that could allow for information disclosure, denial of service, or remote code execution. These risks arise when the devices are reachable, impacting the confidentiality, integrity, or availability of the printing environment.

CVE advisoryCRITICAL

CVE-2022-24292

HP LaserJet and PageWide Firmware Information Disclosure and Remote Code Execution Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

HP LaserJet and PageWide devices have a vulnerability that could allow attackers to access sensitive information, disrupt operations, or execute malicious code. This issue is relevant because these printers, while typically on local networks, may have exposed management interfaces. The potential for unauthorized access