Detections
Analytics

HP LaserJet Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-4829)

low Tenable OT Security Plugin ID 505351

Synopsis

The remote OT asset is affected by a vulnerability.

Description

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?96aa0e49

Plugin Details

Severity: Low

ID: 505351

File Name: tenable_ot_hp_CVE-2013-4829.nasl

Version: 1.1

Type: Remote

Family: Tenable.ot

Published: 5/26/2026

Updated: 5/26/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 1.5

Vector: CVSS2#AV:L/AC:M/Au:S/C:P/I:N/A:N

CVSS Score Source: CVE-2013-4829

CVSS v3

Risk Factor: Low

Base Score: 2.5

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/h:hp:color_laserjet_m775f_mfp, cpe:/h:hp:laserjet_mfp_m725z, cpe:/h:hp:color_laserjet_cm4540_mfp, cpe:/h:hp:color_laserjet_cm4540fskm_mfp, cpe:/h:hp:laserjet_flow_mfp_m525c, cpe:/h:hp:color_laserjet_m775z_mfp, cpe:/h:hp:laserjet_mfp_m525dn, cpe:/h:hp:laserjet_enterprise_color_flow_mfp_m575c, cpe:/h:hp:laserjet_m4555fskm_mfp, cpe:/h:hp:color_laserjet_m775dn_mfp, cpe:/h:hp:color_laserjet_m775z%2b_mfp, cpe:/h:hp:laserjet_m4555h_mfp, cpe:/h:hp:color_laserjet_mfp_m575dn, cpe:/h:hp:laserjet_mfp_m725dn, cpe:/h:hp:laserjet_m4555_mfp, cpe:/h:hp:color_laserjet_cm4540f_mfp, cpe:/h:hp:laserjet_mfp_m525f, cpe:/h:hp:color_laserjet_mfp_m575f, cpe:/h:hp:laserjet_mfp_m725f, cpe:/h:hp:laserjet_mfp_m725z%2b, cpe:/h:hp:laserjet_m4555f_mfp

Required KB Items: Tenable.ot/HP

Patch Publication Date: 10/4/2013

Vulnerability Publication Date: 10/4/2013

Reference Information

CVE: CVE-2013-4829

CWE: 200