Login Sign Up

CVE-2022-48471

7.5 HIGH
Denial of Service

📋 TL;DR

A misinterpretation of input vulnerability in Huawei printers allows attackers to send specially crafted input that causes the printer service to become abnormal. This affects organizations using vulnerable Huawei printer models, potentially disrupting printing services across networks.

💻 Affected Systems

Products:
  • Huawei Printers
Versions: Specific versions not detailed in advisory - check Huawei advisory for exact affected models
Operating Systems: Printer firmware/embedded systems
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in printer service handling of input; all default configurations of affected models are vulnerable.

📦 What is this software?

Bisheng Wnm Firmware by Huawei

View all CVEs affecting Bisheng Wnm Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete denial of printing services across affected printers, potentially requiring physical restart or service intervention to restore functionality.

🟠

Likely Case

Temporary disruption of printing services on targeted printers, causing operational impact until service is restored.

🟢

If Mitigated

Minimal impact with proper network segmentation and access controls limiting printer exposure.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Vulnerability involves sending specially crafted input to printer service; likely requires network access to printer management interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei advisory for specific fixed firmware versions

Vendor Advisory: https://www.huawei.com/en/psirt/security-advisories/2023/huawei-sa-moivihp-73cabdde-en

Restart Required: Yes

Instructions:

1. Check Huawei advisory for affected models. 2. Download latest firmware from Huawei support. 3. Apply firmware update following Huawei documentation. 4. Restart printer to activate new firmware.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate printers on separate VLANs with strict access controls

Access Control Lists

all

Implement firewall rules to restrict access to printer management interfaces

🧯 If You Can't Patch

  • Segment printers on isolated network segments with strict inbound/outbound filtering
  • Disable unnecessary printer services and management interfaces if not required

🔍 How to Verify

Check if Vulnerable:

Check printer model and firmware version against Huawei advisory list of affected devices

Check Version:

Check printer web interface or management console for firmware version

Verify Fix Applied:

Verify firmware version has been updated to patched version specified in Huawei advisory

📡 Detection & Monitoring

Log Indicators:

  • Printer service crashes/restarts
  • Unusual network traffic to printer management ports
  • Failed print jobs with service errors

Network Indicators:

  • Unusual traffic patterns to printer ports (typically 9100, 631, 80, 443)
  • Multiple connection attempts to printer management interface

SIEM Query:

source_ip=* AND dest_port IN (9100, 631, 80, 443) AND dest_ip=printer_subnet AND bytes_sent > threshold

📊 Metadata

CVE ID: CVE-2022-48471
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-436
Published: June 16, 2023
Last Updated: December 17, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-48471, you might also want to check these:

CVE-2023-24813 10.0

CVE-2023-24813 is a critical vulnerability in Dompdf's SVG parsing that allows attackers to bypass U...

Same vulnerability type (CWE-436)
CVE-2021-45327 9.8

CVE-2021-45327 is a server-side request forgery (SSRF) vulnerability in Gitea's admin and user API e...

Same vulnerability type (CWE-436)
CVE-2024-38428 9.1

GNU Wget through version 1.24.5 incorrectly parses semicolons in the userinfo portion of URIs, poten...

Same vulnerability type (CWE-436)