CVE-2024-2209

medium

Description

A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility (FUU) bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution.

References

https://support.hp.com/us-en/document/ish_10354903-10354932-16

Details

Source: Mitre, NVD

Published: 2024-03-27

Updated: 2026-02-20

CVSS v3

Base Score: 6.3

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

Severity: Medium

EPSS

EPSS: 0.00275

Detections

Analytics