CVE-2019-6318

Q: What is the severity of CVE-2019-6318?

CVE-2019-6318 has a CVSS score of 9.8 (CRITICAL). HP enterprise printers have insufficient signature validation for solution bundles, allowing attackers to upload and execute arbitrary code. This affects HP LaserJet Enterprise, PageWide Enterprise, LaserJet Managed, and Officejet Enterprise printers. Attackers could gain full control of affected devices.

9.8 CRITICAL

Remote Code Execution

📋 TL;DR

HP enterprise printers have insufficient signature validation for solution bundles, allowing attackers to upload and execute arbitrary code. This affects HP LaserJet Enterprise, PageWide Enterprise, LaserJet Managed, and Officejet Enterprise printers. Attackers could gain full control of affected devices.

💻 Affected Systems

Products:

HP LaserJet Enterprise printers
HP PageWide Enterprise printers
HP LaserJet Managed printers
HP Officejet Enterprise printers

Versions: Firmware versions prior to the fix

Operating Systems: Printer firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects printers with vulnerable firmware versions; exact version ranges vary by model.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of printer with persistent backdoor installation, lateral movement to internal networks, data exfiltration, and use as attack platform.

🟠

Likely Case

Printer takeover for credential harvesting, network reconnaissance, or disruption of printing services.

🟢

If Mitigated

Limited impact if network segmentation and access controls prevent printer access from untrusted networks.

🌐 Internet-Facing: HIGH if printers are directly internet-accessible with vulnerable firmware.

🏢 Internal Only: HIGH as internal attackers or malware could exploit this to pivot through networks.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Signature bypass allows arbitrary code execution; exploitation requires network access to printer management interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates with enhanced signature validation

Vendor Advisory: https://support.hp.com/us-en/document/c06265454

Restart Required: Yes

Instructions:

1. Identify affected printer models. 2. Download latest firmware from HP support site. 3. Upload firmware via printer web interface or HP tools. 4. Reboot printer after installation.

🔧 Temporary Workarounds

Network segmentation

all

Isolate printers on separate VLAN with strict access controls

Disable remote management

all

Turn off unnecessary management interfaces and services

🧯 If You Can't Patch

Place printers behind firewalls with strict inbound/outbound rules
Implement network monitoring for suspicious printer traffic

🔍 How to Verify

Check if Vulnerable:

Check firmware version via printer web interface > Settings > System > Firmware Datecode

Check Version:

Not applicable - use web interface or HP management tools

Verify Fix Applied:

Verify firmware version matches or exceeds patched versions listed in HP advisory

📡 Detection & Monitoring

Log Indicators:

Unexpected firmware upload attempts
Unusual network connections from printer
Authentication failures on printer interface

Network Indicators:

HTTP/HTTPS traffic to printer management ports from unusual sources
Large file uploads to printer

SIEM Query:

source="printer_logs" AND (event="firmware_upload" OR event="unauthorized_access")

📊 Metadata

CVE ID: CVE-2019-6318

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-347

Published: April 11, 2019

Last Updated: November 21, 2024

🔗 References

https://support.hp.com/us-en/document/c06265454 Vendor Advisory
https://support.hp.com/us-en/document/c06265454 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Color Laserjet Cm4540 Mfp Firmware by Hp

Color Laserjet Enterprise Cp5525 Firmware by Hp

Color Laserjet Enterprise Flow Mfp M577 Firmware by Hp

Color Laserjet Enterprise Flow Mfp M577 Firmware by Hp

Color Laserjet Enterprise Flow Mfp M680 Firmware by Hp

Color Laserjet Enterprise Flow Mfp M680 Firmware by Hp

Color Laserjet Enterprise Flow Mfp M681 Firmware by Hp

Color Laserjet Enterprise Flow Mfp M682 Firmware by Hp

Color Laserjet Enterprise Flow Mfp M880z Firmware by Hp

Color Laserjet Enterprise Flow Mfp M880z Firmware by Hp

Color Laserjet Enterprise M552 Firmware by Hp

Color Laserjet Enterprise M552 Firmware by Hp

Color Laserjet Enterprise M553 Firmware by Hp

Color Laserjet Enterprise M651 Firmware by Hp

Color Laserjet Enterprise M651 Firmware by Hp

Color Laserjet Enterprise M652 Firmware by Hp

Color Laserjet Enterprise M653 Firmware by Hp

Color Laserjet Enterprise M750 Firmware by Hp

Color Laserjet Enterprise M855 Firmware by Hp

Color Laserjet Enterprise M855 Firmware by Hp

Color Laserjet Enterprise Mfp M577 Firmware by Hp

Color Laserjet Enterprise Mfp M577 Firmware by Hp

Color Laserjet Enterprise Mfp M680 Firmware by Hp

Color Laserjet Enterprise Mfp M680 Firmware by Hp

Color Laserjet Enterprise Mfp M681 Firmware by Hp

Color Laserjet Enterprise Mfp M682 Firmware by Hp

Color Laserjet Managed E55040dw Firmware by Hp

Color Laserjet Managed E65050 Firmware by Hp

Color Laserjet Managed E65060 Firmware by Hp

Color Laserjet Managed Flow Mfp E57540 Firmware by Hp

Color Laserjet Managed Flow Mfp E6750 Firmware by Hp

Color Laserjet Managed Flow Mfp E67560 Firmware by Hp

Color Laserjet Managed Flow Mfp E77822 Firmware by Hp

Color Laserjet Managed Flow Mfp E77825 Firmware by Hp

Color Laserjet Managed Flow Mfp E77830 Firmware by Hp

Color Laserjet Managed Flow Mfp E87640 Firmware by Hp

Color Laserjet Managed Flow Mfp E87650 Firmware by Hp

Color Laserjet Managed Flow Mfp E87660 Firmware by Hp

Color Laserjet Managed Flow Mfp M577 Firmware by Hp

Color Laserjet Managed Flow Mfp M577 Firmware by Hp

Color Laserjet Managed Flow Mfp M680 Firmware by Hp

Color Laserjet Managed Flow Mfp M680 Firmware by Hp

Color Laserjet Managed Flow Mfp M880zm Firmware by Hp

Color Laserjet Managed Flow Mfp M880zm Firmware by Hp

Color Laserjet Managed M553 Firmware by Hp

Color Laserjet Managed M553 Firmware by Hp

Color Laserjet Managed M651 Firmware by Hp

Color Laserjet Managed M651 Firmware by Hp

Color Laserjet Managed Mfp E57540 Firmware by Hp

Color Laserjet Managed Mfp E67550 Firmware by Hp

Color Laserjet Managed Mfp E67560 Firmware by Hp

Color Laserjet Managed Mfp E77822 Firmware by Hp

Color Laserjet Managed Mfp E77825 Firmware by Hp

Color Laserjet Managed Mfp E77830 Firmware by Hp

Color Laserjet Managed Mfp E87640 Firmware by Hp

Color Laserjet Managed Mfp E87650 Firmware by Hp

Color Laserjet Managed Mfp E87660 Firmware by Hp

Color Laserjet Managed Mfp M577 Firmware by Hp

Color Laserjet Managed Mfp M577 Firmware by Hp

Color Laserjet Managed Mfp M680 Firmware by Hp

Color Laserjet Managed Mfp M680 Firmware by Hp

Color Laserjet Managed Mfp M775 Firmware by Hp

Color Laserjet Managed Mfp M775 Firmware by Hp

Digital Sender Flow 8500 Fn2 Document Capture Workstation Firmware by Hp

Laserjet Enterprise 500 Color M551 Firmware by Hp

Laserjet Enterprise 500 Color Mfp M575 Firmware by Hp

Laserjet Enterprise 500 Color Mfp M575 Firmware by Hp

Laserjet Enterprise 500 Mfp M525f Firmware by Hp

Laserjet Enterprise 500 Mfp M525f Firmware by Hp

Laserjet Enterprise 600 M601 Firmware by Hp

Laserjet Enterprise 600 M602 Firmware by Hp

Laserjet Enterprise 600 M603 Firmware by Hp

Laserjet Enterprise 700 Color Mfp M775 Firmware by Hp

Laserjet Enterprise 700 Color Mfp M775 Firmware by Hp

Laserjet Enterprise 700 M712 Firmware by Hp

Laserjet Enterprise Color Flow Mfp M575 Firmware by Hp

Laserjet Enterprise Color Flow Mfp M575 Firmware by Hp