6.3

CVE-2024-2209

A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility (FUU) bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp26k70b Firmware Version < 2349b
   Hp26k70b Version-
Hp297x1a Firmware Version < 2349b
   Hp297x1a Version-
Hp2a9q5a Firmware Version < 2349b
   Hp2a9q5a Version-
Hp26k72a Firmware Version < 2349b
   Hp26k72a Version-
Hp26k69a Firmware Version < 2349b
   Hp26k69a Version-
Hp26k70a Firmware Version < 2349b
   Hp26k70a Version-
Hp26k71a Firmware Version < 2349b
   Hp26k71a Version-
Hp26k68a Firmware Version < 2349b
   Hp26k68a Version-
Hp26k67a Firmware Version < 2349b
   Hp26k67a Version-
Hp3xv19a Firmware Version < 2349b
   Hp3xv19a Version-
Hp7fr52a Firmware Version < 2349b
   Hp7fr52a Version-
Hp7fr57a Firmware Version < 2349b
   Hp7fr57a Version-
Hp7fr53a Firmware Version < 2349b
   Hp7fr53a Version-
Hp7fr58a Firmware Version < 2349b
   Hp7fr58a Version-
Hp7fr61a Firmware Version < 2349b
   Hp7fr61a Version-
Hp5ar83a Firmware Version < 2349b
   Hp5ar83a Version-
Hp5ar84a Firmware Version < 2349b
   Hp5ar84a Version-
Hp5ar85a Firmware Version < 2349b
   Hp5ar85a Version-
Hp8rk11a Firmware Version < 2349b
   Hp8rk11a Version-
Hp3xv17a Firmware Version < 2349b
   Hp3xv17a Version-
Hp4ws04a Firmware Version < 2349b
   Hp4ws04a Version-
Hp7fr21a Firmware Version < 2349b
   Hp7fr21a Version-
Hp7fr20a Firmware Version < 2349b
   Hp7fr20a Version-
Hp26k72b Firmware Version < 2349c
   Hp26k72b Version-
Hp26k67b Firmware Version < 2349c
   Hp26k67b Version-
Hp297w8a Firmware Version < 2349c
   Hp297w8a Version-
Hp26k68b Firmware Version < 2349c
   Hp26k68b Version-
Hp297x0a Firmware Version < 2349c
   Hp297x0a Version-
Hp26k70b Firmware Version < 2349c
   Hp26k70b Version-
Hp297x1a Firmware Version < 2349c
   Hp297x1a Version-
Hp2a9q5a Firmware Version < 2349c
   Hp2a9q5a Version-
Hp26k72a Firmware Version < 2349c
   Hp26k72a Version-
Hp26k69a Firmware Version < 2349c
   Hp26k69a Version-
Hp26k70a Firmware Version < 2349c
   Hp26k70a Version-
Hp26k71a Firmware Version < 2349c
   Hp26k71a Version-
Hp26k68a Firmware Version < 2349c
   Hp26k68a Version-
Hp26k67a Firmware Version < 2349c
   Hp26k67a Version-
Hp3xv19a Firmware Version < 2349c
   Hp3xv19a Version-
Hp7fr52a Firmware Version < 2349c
   Hp7fr52a Version-
Hp7fr57a Firmware Version < 2349c
   Hp7fr57a Version-
Hp26k72b Firmware Version < 2349b
   Hp26k72b Version-
Hp26k67b Firmware Version < 2349b
   Hp26k67b Version-
Hp297w8a Firmware Version < 2349b
   Hp297w8a Version-
Hp26k68b Firmware Version < 2349b
   Hp26k68b Version-
Hp297x0a Firmware Version < 2349b
   Hp297x0a Version-
Hp7fr53a Firmware Version < 2349c
   Hp7fr53a Version-
Hp7fr58a Firmware Version < 2349c
   Hp7fr58a Version-
Hp7fr61a Firmware Version < 2349c
   Hp7fr61a Version-
Hp5ar83a Firmware Version < 2349c
   Hp5ar83a Version-
Hp5ar84a Firmware Version < 2349c
   Hp5ar84a Version-
Hp5ar85a Firmware Version < 2349c
   Hp5ar85a Version-
Hp8rk11a Firmware Version < 2349c
   Hp8rk11a Version-
Hp3xv17a Firmware Version < 2349c
   Hp3xv17a Version-
Hp4ws04a Firmware Version < 2349c
   Hp4ws04a Version-
Hp7fr21a Firmware Version < 2349c
   Hp7fr21a Version-
Hp7fr20a Firmware Version < 2349c
   Hp7fr20a Version-
Hp7fr21a Firmware Version < 2349d
   Hp7fr21a Version-
Hp26k72b Firmware Version < 2349d
   Hp26k72b Version-
Hp26k67b Firmware Version < 2349d
   Hp26k67b Version-
Hp297w8a Firmware Version < 2349d
   Hp297w8a Version-
Hp26k68b Firmware Version < 2349d
   Hp26k68b Version-
Hp297x0a Firmware Version < 2349d
   Hp297x0a Version-
Hp26k70b Firmware Version < 2349d
   Hp26k70b Version-
Hp297x1a Firmware Version < 2349d
   Hp297x1a Version-
Hp2a9q5a Firmware Version < 2349d
   Hp2a9q5a Version-
Hp26k72a Firmware Version < 2349d
   Hp26k72a Version-
Hp26k69a Firmware Version < 2349d
   Hp26k69a Version-
Hp26k70a Firmware Version < 2349d
   Hp26k70a Version-
Hp26k71a Firmware Version < 2349d
   Hp26k71a Version-
Hp26k68a Firmware Version < 2349d
   Hp26k68a Version-
Hp26k67a Firmware Version < 2349d
   Hp26k67a Version-
Hp3xv19a Firmware Version < 2349d
   Hp3xv19a Version-
Hp7fr52a Firmware Version < 2349d
   Hp7fr52a Version-
Hp7fr57a Firmware Version < 2349d
   Hp7fr57a Version-
Hp7fr53a Firmware Version < 2349d
   Hp7fr53a Version-
Hp7fr58a Firmware Version < 2349d
   Hp7fr58a Version-
Hp7fr61a Firmware Version < 2349d
   Hp7fr61a Version-
Hp5ar83a Firmware Version < 2349d
   Hp5ar83a Version-
Hp5ar84a Firmware Version < 2349d
   Hp5ar84a Version-
Hp5ar85a Firmware Version < 2349d
   Hp5ar85a Version-
Hp8rk11a Firmware Version < 2349d
   Hp8rk11a Version-
Hp3xv17a Firmware Version < 2349d
   Hp3xv17a Version-
Hp4ws04a Firmware Version < 2349d
   Hp4ws04a Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.201
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.3 0.8 5.5
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.