CVE-2025-43018

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-43018
Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address book.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.hp.com/us-en/document/ish_12807011-12807034-16/hpsbpi04040 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hp:w1a75a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a75a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:hp:w1a76a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a76a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:hp:w1a77a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a77a:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:hp:w1a81a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a81a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:hp:w1a82a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a82a:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:hp:w1a79a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a79a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:hp:w1a80a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a80a:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:hp:w1a78a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a78a:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:hp:w1a29a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a29a:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:hp:w1a32a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a32a:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:hp:w1a30a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a30a:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:hp:w1a38a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a38a:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:hp:w1a34a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a34a:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:hp:w1a35a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a35a:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:hp:w1a28a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a28a:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:hp:w1a31a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a31a:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:hp:w1a33a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a33a:-:*:*:*:*:*:*:*
History

24 Feb 2026, 14:37

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3
First Time Hp w1a35a
Hp w1a76a Firmware
Hp w1a38a Firmware
Hp w1a82a
Hp w1a81a
Hp w1a28a Firmware
Hp w1a35a Firmware
Hp w1a81a Firmware
Hp w1a30a Firmware
Hp w1a77a
Hp w1a80a
Hp w1a30a
Hp w1a75a Firmware
Hp w1a78a Firmware
Hp w1a31a
Hp w1a76a
Hp w1a33a
Hp w1a78a
Hp w1a34a Firmware
Hp w1a75a
Hp w1a77a Firmware
Hp w1a38a
Hp w1a33a Firmware
Hp w1a32a Firmware
Hp w1a34a
Hp w1a80a Firmware
Hp
Hp w1a28a
Hp w1a79a
Hp w1a29a Firmware
Hp w1a32a
Hp w1a29a
Hp w1a82a Firmware
Hp w1a31a Firmware
Hp w1a79a Firmware
CPE cpe:2.3:o:hp:w1a75a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a81a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a34a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a32a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a81a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a29a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a32a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a28a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a35a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a78a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a76a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a30a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a75a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a38a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a35a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a33a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a30a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a28a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a31a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a80a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a76a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a77a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a78a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a82a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a79a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a82a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a34a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a79a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a33a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a29a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a77a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a31a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a80a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:w1a38a_firmware:*:*:*:*:*:*:*:*
References () https://support.hp.com/us-en/document/ish_12807011-12807034-16/hpsbpi04040 - () https://support.hp.com/us-en/document/ish_12807011-12807034-16/hpsbpi04040 - Vendor Advisory

31 Jul 2025, 18:42

Type Values Removed Values Added
Summary
  • (es) Algunas impresoras HP LaserJet Pro pueden ser vulnerables a la divulgación de información cuando un usuario no autenticado consulta la libreta de direcciones local de un dispositivo.

30 Jul 2025, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-30 15:15

Updated : 2026-02-24 14:37

NVD link : CVE-2025-43018

Mitre link : CVE-2025-43018

CVE.ORG link : CVE-2025-43018

JSON object : View

Products Affected

hp

  • w1a34a
  • w1a81a_firmware
  • w1a34a_firmware
  • w1a28a
  • w1a78a
  • w1a35a
  • w1a29a
  • w1a79a
  • w1a75a
  • w1a33a
  • w1a33a_firmware
  • w1a31a
  • w1a29a_firmware
  • w1a32a
  • w1a38a
  • w1a77a
  • w1a76a_firmware
  • w1a80a_firmware
  • w1a75a_firmware
  • w1a82a_firmware
  • w1a77a_firmware
  • w1a28a_firmware
  • w1a30a_firmware
  • w1a81a
  • w1a35a_firmware
  • w1a82a
  • w1a30a
  • w1a31a_firmware
  • w1a38a_firmware
  • w1a78a_firmware
  • w1a79a_firmware
  • w1a80a
  • w1a76a
  • w1a32a_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor