Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for SL-X4225RX, SL-X4255LX, SL-X4305LX by HP Inc

    CVE-2026-2832 (GCVE-0-2026-2832)

    Vulnerability from nvd – Published: 2026-02-20 17:21 – Updated: 2026-02-20 18:48
    VLAI
    Title
    Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure
    Summary
    Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    hp
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2832",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-20T18:48:25.928301Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-20T18:48:53.729Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV6.D6.00.0801482.04",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Samsung MultiXpress SL-K7400LXR, SL-K7500LXR, SL-K7600LXR",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV5.D6.00.0801482.02",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "SL-X4225RX, SL-X4255LX, SL-X4305LX",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV6.33.07.00.0801481.01",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "SL-K4255RX, SL-K4305LX, SL-K4355LX",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV5.33.07.00.0801481.01",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.\u003c/span\u003e"
                }
              ],
              "value": "Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-20T17:21:02.566Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "url": "https://support.hp.com/us-en/document/ish_14108019-14108039-16/hpsbpi04094"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Certain Samsung MultiXpress Multifunction Printers Firmware \u2013 Potential Information Disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2026-2832",
        "datePublished": "2026-02-20T17:21:02.566Z",
        "dateReserved": "2026-02-19T20:59:41.408Z",
        "dateUpdated": "2026-02-20T18:48:53.729Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2832 (GCVE-0-2026-2832)

    Vulnerability from cvelistv5 – Published: 2026-02-20 17:21 – Updated: 2026-02-20 18:48
    VLAI
    Title
    Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure
    Summary
    Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    hp
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2832",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-20T18:48:25.928301Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-20T18:48:53.729Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV6.D6.00.0801482.04",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Samsung MultiXpress SL-K7400LXR, SL-K7500LXR, SL-K7600LXR",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV5.D6.00.0801482.02",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "SL-X4225RX, SL-X4255LX, SL-X4305LX",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV6.33.07.00.0801481.01",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "SL-K4255RX, SL-K4305LX, SL-K4355LX",
              "vendor": "HP Inc",
              "versions": [
                {
                  "lessThan": "\u003cV5.33.07.00.0801481.01",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization.\u003c/span\u003e"
                }
              ],
              "value": "Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-20T17:21:02.566Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "url": "https://support.hp.com/us-en/document/ish_14108019-14108039-16/hpsbpi04094"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Certain Samsung MultiXpress Multifunction Printers Firmware \u2013 Potential Information Disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2026-2832",
        "datePublished": "2026-02-20T17:21:02.566Z",
        "dateReserved": "2026-02-19T20:59:41.408Z",
        "dateUpdated": "2026-02-20T18:48:53.729Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }