CVE & CISA-KEV Catalog

CVE-2019-16240

CRITICAL
9.1
CVSS v3
NVD

Description

A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.

How to fix

Remediation Available
officejet pro 8210 d9l63a firmwareNVD
Affected:< 001.1937cFixed in:001.1937cCVE-2019-16240derived from NVD
officejet pro 8210 d9l64a firmwareNVD
Affected:< 001.1937cFixed in:001.1937cCVE-2019-16240derived from NVD
officejet pro 8210 j3p65a firmwareNVD
Affected:< 001.1937cFixed in:001.1937cCVE-2019-16240derived from NVD
officejet pro 8210 j3p68a firmwareNVD
Affected:< 001.1937cFixed in:001.1937cCVE-2019-16240derived from NVD
officejet pro 8210 t0g70a firmwareNVD
Affected:< 001.1937cFixed in:001.1937cCVE-2019-16240derived from NVD
pagewide 352dw j6u57a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide 352dw j6u57b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide 377dw j9v80a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide 377dw j9v80b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p52750dw j9v78b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p52750dw j9v82a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p52750dw j9v82d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p55250dw j6u51b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p55250dw j6u55a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p55250dw j6u55d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p57750dw j9v78b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p57750dw j9v82a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide managed p57750dw j9v82d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 452dn d3q15a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 452dn d3q15b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 452dn d3q15d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 452dw d3q16a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 452dw d3q16d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 452dw w2z52b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dn d3q19a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dn d3q19b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dn d3q19d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dw d3q20a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dw d3q20b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dw d3q20c firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dw d3q20d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 477dw w2z53b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 552dw 2dr21d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 552dw d3q17a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 552dw d3q17d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 552dw k9z74a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 552dw k9z74d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 577dw d3q21a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 577dw d3q21b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 577dw d3q21c firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 577dw d3q21d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 577z k9z76a firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 577z k9z76b firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD
pagewide pro 577z k9z76d firmwareNVD
Affected:< 001.1937dFixed in:001.1937dCVE-2019-16240derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Exploit Intelligence

1.31%probability of exploitation in 30 days
67thpercentile

Moderate risk: more likely to be exploited than 67% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-120 (Classic Buffer Overflow) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2014-0195Medium6.8100%-Fix
CVE-2017-7269Critical9.8100%KEV-
CVE-2019-11043High8.799%KEV + RansomFix
CVE-2011-4862High10.095%-Fix
CVE-2007-5659High7.894%KEVFix
CVE-2022-3786High7.591%-Fix
Embed a live status badge for CVE-2019-16240
CVE-2019-16240 severity badge

Markdown

[![CVE-2019-16240](https://tridentstack.com/cve/badge/CVE-2019-16240.svg)](https://tridentstack.com/cve/CVE-2019-16240)

HTML

<a href="https://tridentstack.com/cve/CVE-2019-16240"><img src="https://tridentstack.com/cve/badge/CVE-2019-16240.svg" alt="CVE-2019-16240"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.