CVE-2025-1004

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-1004
Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP (Internet Printing Protocol).

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://support.hp.com/au-en/document/ish_11927586-11927615-16/hpsbpi03998 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hp:g3q78a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q78a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:hp:g3q79a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q79a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:hp:q3q75a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:q3q75a:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:hp:g3q74a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q74a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:hp:g3q77a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q77a:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:hp:g3q76a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q76a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:hp:4pa41a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa41a:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:hp:4pa42a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa42a:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:hp:4pa43a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa43a:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:hp:4pa44a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa44a:-:*:*:*:*:*:*:*
History

24 Feb 2026, 14:39

Type Values Removed Values Added
References () https://support.hp.com/au-en/document/ish_11927586-11927615-16/hpsbpi03998 - () https://support.hp.com/au-en/document/ish_11927586-11927615-16/hpsbpi03998 - Vendor Advisory
CPE cpe:2.3:h:hp:g3q79a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:4pa43a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:g3q77a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q77a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q74a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q78a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:4pa42a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa42a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa44a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:4pa44a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:g3q76a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:q3q75a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:g3q79a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa43a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:g3q74a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:g3q76a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:4pa41a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:q3q75a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:4pa41a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:g3q78a_firmware:*:*:*:*:*:*:*:*
First Time Hp g3q74a
Hp g3q78a Firmware
Hp 4pa43a Firmware
Hp 4pa42a Firmware
Hp g3q79a Firmware
Hp 4pa44a
Hp g3q76a
Hp 4pa41a Firmware
Hp g3q77a Firmware
Hp g3q77a
Hp g3q78a
Hp q3q75a
Hp 4pa43a
Hp g3q79a
Hp 4pa44a Firmware
Hp 4pa41a
Hp 4pa42a
Hp g3q74a Firmware
Hp
Hp g3q76a Firmware
Hp q3q75a Firmware
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3
Summary
  • (es) Es posible que algunas impresoras HP LaserJet Pro experimenten una denegación de servicio cuando un usuario envía un archivo JPEG sin procesar a la impresora a través de IPP (Protocolo de impresión de Internet).

06 Feb 2025, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-02-06 21:15

Updated : 2026-02-24 14:39

NVD link : CVE-2025-1004

Mitre link : CVE-2025-1004

CVE.ORG link : CVE-2025-1004

JSON object : View

Products Affected

hp

  • 4pa43a_firmware
  • g3q78a_firmware
  • 4pa44a_firmware
  • 4pa41a_firmware
  • g3q77a_firmware
  • g3q78a
  • 4pa42a
  • 4pa41a
  • q3q75a_firmware
  • g3q74a_firmware
  • 4pa42a_firmware
  • g3q79a
  • 4pa43a
  • g3q79a_firmware
  • g3q74a
  • g3q76a_firmware
  • g3q77a
  • q3q75a
  • g3q76a
  • 4pa44a
CWE
CWE-241

Improper Handling of Unexpected Data Type