Detections
Analytics

HP Multiple Products Buffer Overflow (CVE-2019-6337)

medium Tenable OT Security Plugin ID 503304

Synopsis

The remote OT asset is affected by a vulnerability.

Description

For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://support.hp.com/us-en/document/c06458150

Plugin Details

Severity: Medium

ID: 503304

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 7/28/2025

Updated: 7/28/2025

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Low

Base Score: 3.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P

CVSS Score Source: CVE-2019-6337

CVSS v3

Risk Factor: Medium

Base Score: 5.2

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Vulnerability Information

CPE: cpe:/o:hp:d3q15a_firmware, cpe:/o:hp:j9v80a_firmware, cpe:/o:hp:j3p65a_firmware, cpe:/o:hp:k9z76a_firmware, cpe:/o:hp:t0g70a_firmware, cpe:/o:hp:j6u57a_firmware, cpe:/o:hp:j9v82a_firmware, cpe:/o:hp:d9l63a_firmware, cpe:/o:hp:d3q21a_firmware, cpe:/o:hp:j3p68a_firmware, cpe:/o:hp:d3q20a_firmware, cpe:/o:hp:d3q16a_firmware, cpe:/o:hp:k9z74a_firmware, cpe:/o:hp:d3q17a_firmware, cpe:/o:hp:d9l64a_firmware, cpe:/o:hp:j6u55a_firmware, cpe:/o:hp:d3q19a_firmware

Required KB Items: Tenable.ot/HP

Exploit Ease: No known exploits are available

Patch Publication Date: 11/7/2019

Vulnerability Publication Date: 11/7/2019

Reference Information

CVE: CVE-2019-6337