Search
Find a vulnerability
Search criteria
2 vulnerabilities found for SL-X4225RX, SL-X4255LX, SL-X4305LX by HP Inc
CVE-2026-2832 (GCVE-0-2026-2832)
Vulnerability from nvd – Published: 2026-02-20 17:21 – Updated: 2026-02-20 18:48
VLAI
EPSS
VEX
Title
Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure
Summary
Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| HP Inc | Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR |
Affected:
0 , < <V6.D6.00.0801482.04
(custom)
|
|
| HP Inc | Samsung MultiXpress SL-K7400LXR, SL-K7500LXR, SL-K7600LXR |
Affected:
0 , < <V5.D6.00.0801482.02
(custom)
|
|
| HP Inc | SL-X4225RX, SL-X4255LX, SL-X4305LX |
Affected:
0 , < <V6.33.07.00.0801481.01
(custom)
|
|
| HP Inc | SL-K4255RX, SL-K4305LX, SL-K4355LX |
Affected:
0 , < <V5.33.07.00.0801481.01
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2832",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T18:48:25.928301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T18:48:53.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV6.D6.00.0801482.04",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Samsung MultiXpress SL-K7400LXR, SL-K7500LXR, SL-K7600LXR",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV5.D6.00.0801482.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SL-X4225RX, SL-X4255LX, SL-X4305LX",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV6.33.07.00.0801481.01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SL-K4255RX, SL-K4305LX, SL-K4355LX",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV5.33.07.00.0801481.01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.\u003c/span\u003e"
}
],
"value": "Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T17:21:02.566Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_14108019-14108039-16/hpsbpi04094"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Certain Samsung MultiXpress Multifunction Printers Firmware \u2013 Potential Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2026-2832",
"datePublished": "2026-02-20T17:21:02.566Z",
"dateReserved": "2026-02-19T20:59:41.408Z",
"dateUpdated": "2026-02-20T18:48:53.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2832 (GCVE-0-2026-2832)
Vulnerability from cvelistv5 – Published: 2026-02-20 17:21 – Updated: 2026-02-20 18:48
VLAI
EPSS
VEX
Title
Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure
Summary
Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| HP Inc | Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR |
Affected:
0 , < <V6.D6.00.0801482.04
(custom)
|
|
| HP Inc | Samsung MultiXpress SL-K7400LXR, SL-K7500LXR, SL-K7600LXR |
Affected:
0 , < <V5.D6.00.0801482.02
(custom)
|
|
| HP Inc | SL-X4225RX, SL-X4255LX, SL-X4305LX |
Affected:
0 , < <V6.33.07.00.0801481.01
(custom)
|
|
| HP Inc | SL-K4255RX, SL-K4305LX, SL-K4355LX |
Affected:
0 , < <V5.33.07.00.0801481.01
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2832",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T18:48:25.928301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T18:48:53.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV6.D6.00.0801482.04",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Samsung MultiXpress SL-K7400LXR, SL-K7500LXR, SL-K7600LXR",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV5.D6.00.0801482.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SL-X4225RX, SL-X4255LX, SL-X4305LX",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV6.33.07.00.0801481.01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SL-K4255RX, SL-K4305LX, SL-K4355LX",
"vendor": "HP Inc",
"versions": [
{
"lessThan": "\u003cV5.33.07.00.0801481.01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.\u003c/span\u003e"
}
],
"value": "Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T17:21:02.566Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_14108019-14108039-16/hpsbpi04094"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Certain Samsung MultiXpress Multifunction Printers Firmware \u2013 Potential Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2026-2832",
"datePublished": "2026-02-20T17:21:02.566Z",
"dateReserved": "2026-02-19T20:59:41.408Z",
"dateUpdated": "2026-02-20T18:48:53.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}