CVE-2019-16240

Name of the Vulnerable Software and Affected Versions HP OfficeJet Pro Printers versions 001.1937C and earlier HP PageWide Managed Printers versions 001.1937D and earlier HP PageWide Pro Printers versions 001.1937D and earlier HP Inkjet printers (affected versions not specified)

Description A Buffer Overflow and Information Disclosure issue exists in certain HP printers. A maliciously crafted print file might cause the printer to assert, producing a core dump to a local device under certain circumstances. The issue is related to the use of the assert() function or similar operators. Exploitation of the issue may allow an attacker to cause a denial of service using a specially crafted file.

Recommendations For HP OfficeJet Pro Printers versions 001.1937C and earlier, update to version 001.1937C or later. For HP PageWide Managed Printers versions 001.1937D and earlier, update to version 001.1937D or later. For HP PageWide Pro Printers versions 001.1937D and earlier, update to version 001.1937D or later. For HP Inkjet printers, at the moment, there is no information about a newer version that contains a fix for this issue. As a temporary workaround, consider restricting the use of specially crafted print files to minimize the risk of exploitation.