CVE-2023-4063

5.3 MEDIUM

Denial of Service

📋 TL;DR

HP OfficeJet Pro printers are vulnerable to a Denial of Service attack when receiving a specially crafted eSCL URL GET request. This vulnerability allows attackers to crash the printer's web service, making it temporarily unavailable for printing or management. Only specific HP OfficeJet Pro models with vulnerable firmware are affected.

💻 Affected Systems

Products:

• HP OfficeJet Pro printers

Versions: Firmware versions prior to 2023.10.17

Operating Systems: Printer firmware only

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects printers with eSCL (eSCL scanning protocol) enabled, which is typically enabled by default for scanning functionality.

📦 What is this software?

1kr42a Firmware by Hp

View all CVEs affecting 1kr42a Firmware →

1kr45a Firmware by Hp

View all CVEs affecting 1kr45a Firmware →

1kr46a Firmware by Hp

View all CVEs affecting 1kr46a Firmware →

1kr48a Firmware by Hp

View all CVEs affecting 1kr48a Firmware →

1kr49a Firmware by Hp

View all CVEs affecting 1kr49a Firmware →

1kr54a Firmware by Hp

View all CVEs affecting 1kr54a Firmware →

1kr55a Firmware by Hp

View all CVEs affecting 1kr55a Firmware →

1kr55b Firmware by Hp

View all CVEs affecting 1kr55b Firmware →

1kr55d Firmware by Hp

View all CVEs affecting 1kr55d Firmware →

1mr66a Firmware by Hp

View all CVEs affecting 1mr66a Firmware →

1mr67a Firmware by Hp

View all CVEs affecting 1mr67a Firmware →

1mr68a Firmware by Hp

View all CVEs affecting 1mr68a Firmware →

1mr69a Firmware by Hp

View all CVEs affecting 1mr69a Firmware →

1mr69c Firmware by Hp

View all CVEs affecting 1mr69c Firmware →

1mr70a Firmware by Hp

View all CVEs affecting 1mr70a Firmware →

1mr71a Firmware by Hp

View all CVEs affecting 1mr71a Firmware →

1mr72a Firmware by Hp

View all CVEs affecting 1mr72a Firmware →

1mr73a Firmware by Hp

View all CVEs affecting 1mr73a Firmware →

1mr73d Firmware by Hp

View all CVEs affecting 1mr73d Firmware →

1mr74a Firmware by Hp

View all CVEs affecting 1mr74a Firmware →

1mr75a Firmware by Hp

View all CVEs affecting 1mr75a Firmware →

1mr76a Firmware by Hp

View all CVEs affecting 1mr76a Firmware →

1mr77a Firmware by Hp

View all CVEs affecting 1mr77a Firmware →

1mr78a Firmware by Hp

View all CVEs affecting 1mr78a Firmware →

1mr78b Firmware by Hp

View all CVEs affecting 1mr78b Firmware →

1mr79a Firmware by Hp

View all CVEs affecting 1mr79a Firmware →

1mr80d Firmware by Hp

View all CVEs affecting 1mr80d Firmware →

3uk83a Firmware by Hp

View all CVEs affecting 3uk83a Firmware →

3uk83b Firmware by Hp

View all CVEs affecting 3uk83b Firmware →

3uk84a Firmware by Hp

View all CVEs affecting 3uk84a Firmware →

3uk85d Firmware by Hp

View all CVEs affecting 3uk85d Firmware →

3uk86b Firmware by Hp

View all CVEs affecting 3uk86b Firmware →

3uk90d Firmware by Hp

View all CVEs affecting 3uk90d Firmware →

3uk91b Firmware by Hp

View all CVEs affecting 3uk91b Firmware →

3uk93d Firmware by Hp

View all CVEs affecting 3uk93d Firmware →

3uk96d Firmware by Hp

View all CVEs affecting 3uk96d Firmware →

3uk97d Firmware by Hp

View all CVEs affecting 3uk97d Firmware →

3uk98d Firmware by Hp

View all CVEs affecting 3uk98d Firmware →

3uk99d Firmware by Hp

View all CVEs affecting 3uk99d Firmware →

3ul00d Firmware by Hp

View all CVEs affecting 3ul00d Firmware →

3ul05b Firmware by Hp

View all CVEs affecting 3ul05b Firmware →

Y8m28d Firmware by Hp

View all CVEs affecting Y8m28d Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Printer becomes completely unresponsive, requiring physical power cycle to restore functionality, disrupting printing operations for extended periods.

🟠

Likely Case

Temporary service interruption where printer web interface becomes unavailable but printing may continue via other protocols, requiring reboot to restore full functionality.

🟢

If Mitigated

Minimal impact with proper network segmentation and access controls limiting who can send requests to printer management interfaces.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires network access to printer's web interface and knowledge of vulnerable eSCL endpoint URLs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware version 2023.10.17 or later

Vendor Advisory: https://support.hp.com/us-en/document/ish_10321463-10321488-16/hpsbpi03927

Restart Required: Yes

Instructions:

1. Access printer web interface. 2. Navigate to Settings > Updates. 3. Check for firmware updates. 4. Apply firmware version 2023.10.17 or later. 5. Printer will automatically restart after update.

🔧 Temporary Workarounds

Disable eSCL Protocol

all

Temporarily disable the eSCL scanning protocol to prevent exploitation while awaiting patch

Copy

Access printer web interface > Settings > Network > eSCL > Disable

Network Segmentation

all

Restrict network access to printer management interfaces

Copy

Configure firewall rules to limit access to printer IP on ports 80/443 to authorized users only

🧯 If You Can't Patch

• Implement strict network access controls to limit who can reach printer management interfaces
• Monitor printer logs for unusual eSCL URL requests and implement alerting

🔍 How to Verify

Check if Vulnerable:

Copy

Check printer firmware version via web interface: Settings > About > Firmware Version. If version is earlier than 2023.10.17, printer is vulnerable.

Check Version:

Copy

curl -s http://printer-ip/hp/device/info_configuration.html | grep -i firmware

Verify Fix Applied:

Copy

Confirm firmware version is 2023.10.17 or later in printer web interface Settings > About section.

📡 Detection & Monitoring

Log Indicators:

• Multiple failed eSCL URL requests
• Printer web service restart events
• Unusual GET requests to eSCL endpoints

Network Indicators:

• Unusual traffic patterns to printer port 80/443 with eSCL URLs
• Multiple rapid GET requests to printer

SIEM Query:

Copy

source="printer_logs" AND (url="*eSCL*" OR event="service_restart")

📊 Metadata

CVE ID: CVE-2023-4063

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE: CWE-400

Published: March 22, 2024

Last Updated: February 20, 2026

🔗 References

• https://support.hp.com/us-en/document/ish_10321463-10321488-16/hpsbpi03927 Vendor Advisory
• https://support.hp.com/us-en/document/ish_10321463-10321488-16/hpsbpi03927 Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-4063, you might also want to check these:

CVE-2024-45166 9.8

UCI IDOL2 through version 2.12 contains multiple memory corruption vulnerabilities due to improper i...

Same vulnerability type (CWE-400)

CVE-2025-61303 9.8

This vulnerability in Hatching Triage Sandbox allows malware samples to evade detection by recursive...

Same vulnerability type (CWE-400)

CVE-2024-39462 9.8

This is a Linux kernel memory corruption vulnerability in the BCM2711 DVP clock driver where array b...

Same vulnerability type (CWE-400)