{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4682", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "state": "PUBLISHED", "assignerShortName": "hp", "dateReserved": "2026-03-23T22:00:03.720Z", "datePublished": "2026-04-15T14:32:31.348Z", "dateUpdated": "2026-04-15T18:45:14.071Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2026-04-15T14:32:31.348Z"}, "title": "Certain HP DeskJet All In One (AIO) Devices \u2013 Potential Remote Code Execution & Potential Buffer Overflow", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-121", "description": "CWE-121 Stack-based buffer overflow", "type": "CWE"}]}], "affected": [{"vendor": "HP Inc", "product": "HP DeskJet 2800e All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet 4200 All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet Ink Advantage 4200 All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet 4200e All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet Ink Advantage Ultra 4900 series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet Ink Advantage 2800 All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Certain HP DeskJet All in One devices\nmay be vulnerable to remote code execution caused by a buffer overflow when\nspecially crafted Web Services for Devices (WSD) scan requests are improperly\nvalidated and handled by the MFP.\n\n\n\nWSD\nScan is a Microsoft Windows\u2013based network scanning protocol that allows a PC to\ndiscover scanners (and MFPs) on a network and send scan jobs to them without\nrequiring vendor specific drivers or utilities.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Certain HP DeskJet All in One devices\nmay be vulnerable to remote code execution caused by a buffer overflow when\nspecially crafted Web Services for Devices (WSD) scan requests are improperly\nvalidated and handled by the MFP.<br>\n<br>\nWSD\nScan is a Microsoft Windows\u2013based network scanning protocol that allows a PC to\ndiscover scanners (and MFPs) on a network and send scan jobs to them without\nrequiring vendor specific drivers or utilities.</p>"}]}], "references": [{"url": "https://support.hp.com/us-en/document/ish_14744451-14744475-16"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T18:45:03.123522Z", "id": "CVE-2026-4682", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T18:45:14.071Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4682", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T18:45:03.123522Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T18:45:08.468Z"}}], "cna": {"title": "Certain HP DeskJet All In One (AIO) Devices \u2013 Potential Remote Code Execution & Potential Buffer Overflow", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "HP Inc", "product": "HP DeskJet 2800e All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet 4200 All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet Ink Advantage 4200 All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet 4200e All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet Ink Advantage Ultra 4900 series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HP Inc", "product": "HP DeskJet Ink Advantage 2800 All-in-One Printer series", "versions": [{"status": "affected", "version": "0", "lessThan": "<2612A", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://support.hp.com/us-en/document/ish_14744451-14744475-16"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Certain HP DeskJet All in One devices\nmay be vulnerable to remote code execution caused by a buffer overflow when\nspecially crafted Web Services for Devices (WSD) scan requests are improperly\nvalidated and handled by the MFP.\n\n\n\nWSD\nScan is a Microsoft Windows\u2013based network scanning protocol that allows a PC to\ndiscover scanners (and MFPs) on a network and send scan jobs to them without\nrequiring vendor specific drivers or utilities.", "supportingMedia": [{"type": "text/html", "value": "<p>Certain HP DeskJet All in One devices\nmay be vulnerable to remote code execution caused by a buffer overflow when\nspecially crafted Web Services for Devices (WSD) scan requests are improperly\nvalidated and handled by the MFP.<br>\n<br>\nWSD\nScan is a Microsoft Windows\u2013based network scanning protocol that allows a PC to\ndiscover scanners (and MFPs) on a network and send scan jobs to them without\nrequiring vendor specific drivers or utilities.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based buffer overflow"}]}], "providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2026-04-15T14:32:31.348Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4682", "state": "PUBLISHED", "dateUpdated": "2026-04-15T18:45:14.071Z", "dateReserved": "2026-03-23T22:00:03.720Z", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "datePublished": "2026-04-15T14:32:31.348Z", "assignerShortName": "hp"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Certain HP DeskJet All in One devices\nmay be vulnerable to remote code execution caused by a buffer overflow when\nspecially crafted Web Services for Devices (WSD) scan requests are improperly\nvalidated and handled by the MFP.\n\n\n\nWSD\nScan is a Microsoft Windows\u2013based network scanning protocol that allows a PC to\ndiscover scanners (and MFPs) on a network and send scan jobs to them without\nrequiring vendor specific drivers or utilities."}], "id": "CVE-2026-4682", "lastModified": "2026-04-15T15:16:42.800", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "hp-security-alert@hp.com", "type": "Secondary"}]}, "published": "2026-04-15T15:16:42.800", "references": [{"source": "hp-security-alert@hp.com", "url": "https://support.hp.com/us-en/document/ish_14744451-14744475-16"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "hp-security-alert@hp.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2612A)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "product": "deskjet_2800e_all-in-one_printer_series", "vendor": "hp"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2612A)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "product": "deskjet_4200_all-in-one_printer_series", "vendor": "hp"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2612A)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "product": "deskjet_4200e_all-in-one_printer_series", "vendor": "hp"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2612A)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "HP DeskJet Ink Advantage 2800 All-in-One Printer series", "source": "cna", "vendor": "HP Inc"}, "product": "deskjet_ink_advantage_2800_all-in-one_printer_series", "vendor": "hp"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2612A)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "HP DeskJet Ink Advantage 4200 All-in-One Printer series", "source": "cna", "vendor": "HP Inc"}, "product": "deskjet_ink_advantage_4200_all-in-one_printer_series", "vendor": "hp"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2612A)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "HP DeskJet Ink Advantage Ultra 4900 series", "source": "cna", "vendor": "HP Inc"}, "product": "deskjet_ink_advantage_ultra_4900_series", "vendor": "hp"}], "analysis": {"en": {"generated_at": "2026-04-15T19:25:18.506369+00:00", "value": {"mitigation_remediation": ["Apply the latest HP firmware update that addresses the buffer overflow identified as CWE\u2011121.", "If a patch is not yet available, disable the WSD functionality on the printers to eliminate the attack surface.", "Configure network firewalls to block inbound WSD traffic from untrusted networks and restrict access to the printer's management interface to trusted hosts."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected devices are HP DeskJet 2800e All\u2011in\u2011One, HP DeskJet 4200 All\u2011in\u2011One, HP DeskJet 4200e All\u2011in\u2011One, HP DeskJet Ink Advantage 2800 All\u2011in\u2011One, HP DeskJet Ink Advantage 4200 All\u2011in\u2011One, and HP DeskJet Ink Advantage Ultra 4900 All\u2011in\u2011One printers. Specific firmware versions are not detailed, so any deployed units of these models should be considered vulnerable until a patch is applied.", "description_and_impact": "This vulnerability is a buffer overflow that can lead to remote code execution. A specially crafted WSD scan request is not properly validated by the multi\u2011function printer firmware, allowing an attacker to inject malicious code and potentially compromise the device, leading to elevation of privileges, data exfiltration, or disruption of service. The weakness is classified as CWE\u2011121.", "risk_and_exploitability": "The CVSS score of 8.7 indicates a high severity vulnerability. EPSS is not available, and it is not listed in the CISA KEV catalog. The likely attack vector is remote over the network via the WSD protocol; an attacker can craft a scan request that exploits the overflow. Successful exploitation would grant remote code execution on the device, potentially compromising other network resources and exposing sensitive documents."}}}}, "created": "2026-04-15T19:30:12.392132+00:00", "updated": "2026-04-15T21:02:29.574935+00:00", "vendors": ["hp", "hp$PRODUCT$deskjet_2800e_all-in-one_printer_series", "hp$PRODUCT$deskjet_4200_all-in-one_printer_series", "hp$PRODUCT$deskjet_4200e_all-in-one_printer_series", "hp$PRODUCT$deskjet_ink_advantage_2800_all-in-one_printer_series", "hp$PRODUCT$deskjet_ink_advantage_4200_all-in-one_printer_series", "hp$PRODUCT$deskjet_ink_advantage_ultra_4900_series"]}