CVE-2023-27973
📋 TL;DR
This critical vulnerability in certain HP LaserJet Pro printers allows remote attackers to execute arbitrary code via a heap overflow. Organizations running the affected printer models are at risk of complete device compromise.
💻 Affected Systems
- HP LaserJet Pro printers
📦 What is this software?
- LaserJet Pro M304 M305 W1a46a Firmware by HP
- LaserJet Pro M304 M305 W1a47a Firmware by HP
- LaserJet Pro M304 M305 W1a48a Firmware by HP
- LaserJet Pro M304 M305 W1a66a Firmware by HP
- LaserJet Pro M404 M405 93m22a Firmware by HP
- LaserJet Pro M404 M405 W1a51a Firmware by HP
- LaserJet Pro M404 M405 W1a52a Firmware by HP
- LaserJet Pro M404 M405 W1a53a Firmware by HP
- LaserJet Pro M404 M405 W1a56a Firmware by HP
- LaserJet Pro M404 M405 W1a57a Firmware by HP
- LaserJet Pro M404 M405 W1a58a Firmware by HP
- LaserJet Pro M404 M405 W1a59a Firmware by HP
- LaserJet Pro M404 M405 W1a60a Firmware by HP
- LaserJet Pro M404 M405 W1a63a Firmware by HP
- LaserJet Pro M453 M454 W1y40a Firmware by HP
- LaserJet Pro M453 M454 W1y41a Firmware by HP
- LaserJet Pro M453 M454 W1y43a Firmware by HP
- LaserJet Pro M453 M454 W1y44a Firmware by HP
- LaserJet Pro M453 M454 W1y45a Firmware by HP
- LaserJet Pro M453 M454 W1y46a Firmware by HP
- LaserJet Pro M453 M454 W1y47a Firmware by HP
- LaserJet Pro MFP M428 M429 F W1a29a Firmware by HP
- LaserJet Pro MFP M428 M429 F W1a30a Firmware by HP
- LaserJet Pro MFP M428 M429 F W1a32a Firmware by HP
- LaserJet Pro MFP M428 M429 F W1a34a Firmware by HP
- LaserJet Pro MFP M428 M429 F W1a35a Firmware by HP
- LaserJet Pro MFP M428 M429 F W1a38a Firmware by HP
- LaserJet Pro MFP M428 M429 W1a28a Firmware by HP
- LaserJet Pro MFP M428 M429 W1a31a Firmware by HP
- LaserJet Pro MFP M428 M429 W1a33a Firmware by HP
- LaserJet Pro MFP M478 M479 W1a75a Firmware by HP
- LaserJet Pro MFP M478 M479 W1a76a Firmware by HP
- LaserJet Pro MFP M478 M479 W1a77a Firmware by HP
- LaserJet Pro MFP M478 M479 W1a78a Firmware by HP
- LaserJet Pro MFP M478 M479 W1a79a Firmware by HP
- LaserJet Pro MFP M478 M479 W1a80a Firmware by HP
⚠️ Risk & Real-World Impact
Worst Case
Full remote code execution leading to complete printer compromise, lateral movement to internal networks, and persistent backdoor installation.
Likely Case
Printer takeover enabling data exfiltration, denial of service, or use as a pivot point for internal network attacks.
If Mitigated
Limited impact if printers are isolated on separate VLANs with strict network segmentation and access controls.
🎯 Exploit Status
CVSS 9.8 indicates critical severity with network attack vector and no authentication required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Firmware updates specified in HP advisory
Vendor Advisory: https://support.hp.com/us-en/document/ish_7920137-7920161-16/hpsbpi03841
Restart Required: Yes
Instructions:
1. Visit HP support site.
2. Identify your printer model.
3. Download latest firmware.
4. Upload to printer via web interface.
5. Reboot printer.
🔧 Temporary Workarounds
Network segmentation
Isolate printers on a separate VLAN with strict firewall rules
Disable unnecessary services
Turn off unused network protocols and services on printers
🧯 If You Can't Patch
- Segment printers on an isolated network with strict access controls
- Implement network monitoring for suspicious printer traffic
🔍 How to Verify
Check if Vulnerable:
Check printer firmware version against HP advisory list
Check Version:
Access printer web interface > Settings > System Information
Verify Fix Applied:
Verify firmware version matches patched version in HP advisory
📡 Detection & Monitoring
Log Indicators:
- Unusual printer reboot events
- Unexpected firmware update attempts
- Multiple failed connection attempts
Network Indicators:
- Unusual traffic to printer ports
- Exploit pattern matches for heap overflow
SIEM Query:
source="printer_logs" AND (event_type="firmware_update" OR event_type="unexpected_reboot")