Login Sign Up

CVE-2025-26506

9.8 CRITICAL
Remote Code Execution

📋 TL;DR

This vulnerability allows attackers to execute arbitrary code with elevated privileges on affected HP printers by sending malicious PostScript print jobs. It affects HP LaserJet Pro, Enterprise, and Managed printers. Attackers could potentially take full control of vulnerable printers remotely.

💻 Affected Systems

Products:
  • HP LaserJet Pro
  • HP LaserJet Enterprise
  • HP LaserJet Managed Printers
Versions: Specific models and firmware versions listed in HP advisory
Operating Systems: Printer firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Affects printers with PostScript capability enabled. Check HP advisory for specific model numbers.

📦 What is this software?

499m6a Firmware by Hp

View all CVEs affecting 499m6a Firmware →

499m7a Firmware by Hp

View all CVEs affecting 499m7a Firmware →

499m8a Firmware by Hp

View all CVEs affecting 499m8a Firmware →

499m9a Firmware by Hp

View all CVEs affecting 499m9a Firmware →

499n0a Firmware by Hp

View all CVEs affecting 499n0a Firmware →

499n1a Firmware by Hp

View all CVEs affecting 499n1a Firmware →

499n4a Firmware by Hp

View all CVEs affecting 499n4a Firmware →

499n5a Firmware by Hp

View all CVEs affecting 499n5a Firmware →

499n6a Firmware by Hp

View all CVEs affecting 499n6a Firmware →

499q3a Firmware by Hp

View all CVEs affecting 499q3a Firmware →

499q3e Firmware by Hp

View all CVEs affecting 499q3e Firmware →

499q3f Firmware by Hp

View all CVEs affecting 499q3f Firmware →

499q4e Firmware by Hp

View all CVEs affecting 499q4e Firmware →

499q4f Firmware by Hp

View all CVEs affecting 499q4f Firmware →

499q5a Firmware by Hp

View all CVEs affecting 499q5a Firmware →

499q5e Firmware by Hp

View all CVEs affecting 499q5e Firmware →

499q5f Firmware by Hp

View all CVEs affecting 499q5f Firmware →

499q5fr Firmware by Hp

View all CVEs affecting 499q5fr Firmware →

499q6a Firmware by Hp

View all CVEs affecting 499q6a Firmware →

499q6e Firmware by Hp

View all CVEs affecting 499q6e Firmware →

499q6f Firmware by Hp

View all CVEs affecting 499q6f Firmware →

499q7a Firmware by Hp

View all CVEs affecting 499q7a Firmware →

499q7e Firmware by Hp

View all CVEs affecting 499q7e Firmware →

499q7f Firmware by Hp

View all CVEs affecting 499q7f Firmware →

499q8a Firmware by Hp

View all CVEs affecting 499q8a Firmware →

499q8e Firmware by Hp

View all CVEs affecting 499q8e Firmware →

499q8f Firmware by Hp

View all CVEs affecting 499q8f Firmware →

499q9a Firmware by Hp

View all CVEs affecting 499q9a Firmware →

499q9e Firmware by Hp

View all CVEs affecting 499q9e Firmware →

499q9f Firmware by Hp

View all CVEs affecting 499q9f Firmware →

499r0a Firmware by Hp

View all CVEs affecting 499r0a Firmware →

499r0e Firmware by Hp

View all CVEs affecting 499r0e Firmware →

499r0f Firmware by Hp

View all CVEs affecting 499r0f Firmware →

4ra80a Firmware by Hp

View all CVEs affecting 4ra80a Firmware →

4ra80e Firmware by Hp

View all CVEs affecting 4ra80e Firmware →

4ra80f Firmware by Hp

View all CVEs affecting 4ra80f Firmware →

4ra81a Firmware by Hp

View all CVEs affecting 4ra81a Firmware →

4ra81e Firmware by Hp

View all CVEs affecting 4ra81e Firmware →

4ra81f Firmware by Hp

View all CVEs affecting 4ra81f Firmware →

4ra81fr Firmware by Hp

View all CVEs affecting 4ra81fr Firmware →

4ra82a Firmware by Hp

View all CVEs affecting 4ra82a Firmware →

4ra82e Firmware by Hp

View all CVEs affecting 4ra82e Firmware →

4ra82f Firmware by Hp

View all CVEs affecting 4ra82f Firmware →

4ra82fr Firmware by Hp

View all CVEs affecting 4ra82fr Firmware →

4ra83a Firmware by Hp

View all CVEs affecting 4ra83a Firmware →

4ra83e Firmware by Hp

View all CVEs affecting 4ra83e Firmware →

4ra83f Firmware by Hp

View all CVEs affecting 4ra83f Firmware →

4ra84a Firmware by Hp

View all CVEs affecting 4ra84a Firmware →

4ra84e Firmware by Hp

View all CVEs affecting 4ra84e Firmware →

4ra84f Firmware by Hp

View all CVEs affecting 4ra84f Firmware →

4ra85a Firmware by Hp

View all CVEs affecting 4ra85a Firmware →

4ra85e Firmware by Hp

View all CVEs affecting 4ra85e Firmware →

4ra85f Firmware by Hp

View all CVEs affecting 4ra85f Firmware →

4ra85v Firmware by Hp

View all CVEs affecting 4ra85v Firmware →

4ra86a Firmware by Hp

View all CVEs affecting 4ra86a Firmware →

4ra86e Firmware by Hp

View all CVEs affecting 4ra86e Firmware →

4ra86f Firmware by Hp

View all CVEs affecting 4ra86f Firmware →

4ra87a Firmware by Hp

View all CVEs affecting 4ra87a Firmware →

4ra87e Firmware by Hp

View all CVEs affecting 4ra87e Firmware →

4ra87f Firmware by Hp

View all CVEs affecting 4ra87f Firmware →

4ra88a Firmware by Hp

View all CVEs affecting 4ra88a Firmware →

4ra88e Firmware by Hp

View all CVEs affecting 4ra88e Firmware →

4ra88f Firmware by Hp

View all CVEs affecting 4ra88f Firmware →

4ra89a Firmware by Hp

View all CVEs affecting 4ra89a Firmware →

4ra89v Firmware by Hp

View all CVEs affecting 4ra89v Firmware →

5hh48a Firmware by Hp

View all CVEs affecting 5hh48a Firmware →

5hh48v Firmware by Hp

View all CVEs affecting 5hh48v Firmware →

5hh51a Firmware by Hp

View all CVEs affecting 5hh51a Firmware →

5hh52a Firmware by Hp

View all CVEs affecting 5hh52a Firmware →

5hh53a Firmware by Hp

View all CVEs affecting 5hh53a Firmware →

5hh59a Firmware by Hp

View all CVEs affecting 5hh59a Firmware →

5hh64a Firmware by Hp

View all CVEs affecting 5hh64a Firmware →

5hh64e Firmware by Hp

View all CVEs affecting 5hh64e Firmware →

5hh64f Firmware by Hp

View all CVEs affecting 5hh64f Firmware →

5hh65a Firmware by Hp

View all CVEs affecting 5hh65a Firmware →

5hh66a Firmware by Hp

View all CVEs affecting 5hh66a Firmware →

5hh67a Firmware by Hp

View all CVEs affecting 5hh67a Firmware →

5hh72a Firmware by Hp

View all CVEs affecting 5hh72a Firmware →

5hh73a Firmware by Hp

View all CVEs affecting 5hh73a Firmware →

74p25a Firmware by Hp

View all CVEs affecting 74p25a Firmware →

74p26a Firmware by Hp

View all CVEs affecting 74p26a Firmware →

74p27a Firmware by Hp

View all CVEs affecting 74p27a Firmware →

74p28a Firmware by Hp

View all CVEs affecting 74p28a Firmware →

74t92a Firmware by Hp

View all CVEs affecting 74t92a Firmware →

74t92e Firmware by Hp

View all CVEs affecting 74t92e Firmware →

74t92f Firmware by Hp

View all CVEs affecting 74t92f Firmware →

759v0e Firmware by Hp

View all CVEs affecting 759v0e Firmware →

759v0f Firmware by Hp

View all CVEs affecting 759v0f Firmware →

759v1e Firmware by Hp

View all CVEs affecting 759v1e Firmware →

759v1f Firmware by Hp

View all CVEs affecting 759v1f Firmware →

759v2e Firmware by Hp

View all CVEs affecting 759v2e Firmware →

759v2f Firmware by Hp

View all CVEs affecting 759v2f Firmware →

8d7l0a Firmware by Hp

View all CVEs affecting 8d7l0a Firmware →

8d7l1a Firmware by Hp

View all CVEs affecting 8d7l1a Firmware →

8d7l2a Firmware by Hp

View all CVEs affecting 8d7l2a Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full printer compromise allowing attackers to install persistent malware, intercept print jobs, pivot to internal networks, or use printer as attack platform.

🟠

Likely Case

Printer compromise leading to data exfiltration, denial of service, or lateral movement within the network.

🟢

If Mitigated

Limited impact if printers are isolated, monitored, and have restricted network access.

🌐 Internet-Facing: HIGH - Printers exposed to internet are directly exploitable without authentication.
🏢 Internal Only: MEDIUM - Requires internal network access but exploitation is unauthenticated.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending PostScript print job to vulnerable printer. No authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates specified in HP advisory HPSBPI04007

Vendor Advisory: https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsBPI04007

Restart Required: Yes

Instructions:

1. Identify printer model and current firmware version. 2. Download appropriate firmware update from HP support site. 3. Apply firmware update via printer web interface or HP tools. 4. Verify successful update and restart printer.

🔧 Temporary Workarounds

Disable PostScript

all

Disable PostScript printing capability on affected printers

Access printer web interface > Security > Disable PostScript

Network Segmentation

all

Isolate printers to separate VLAN with restricted access

🧯 If You Can't Patch

  • Segment printers to isolated network segments with strict firewall rules
  • Implement print server with job filtering to block malicious PostScript

🔍 How to Verify

Check if Vulnerable:

Check printer model and firmware version against HP advisory list

Check Version:

Access printer web interface > About or Settings > Firmware Version

Verify Fix Applied:

Verify firmware version matches patched version from HP advisory

📡 Detection & Monitoring

Log Indicators:

  • Unusual PostScript print jobs
  • Failed firmware update attempts
  • Printer reboot events

Network Indicators:

  • PostScript print jobs from unusual sources
  • Unexpected network traffic from printers

SIEM Query:

source="printer_logs" AND (event="postscript_error" OR event="firmware_change")

📊 Metadata

CVE ID: CVE-2025-26506
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-121
EPSS Score: 0.38% exploit probability (59.1th percentile)
Published: February 14, 2025
Last Updated: January 15, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-26506, you might also want to check these:

CVE-2024-39791 10.0

CVE-2024-39791 is a critical stack-based buffer overflow vulnerability in Vonets industrial WiFi bri...

Same vulnerability type (CWE-121)
CVE-2022-20699 10.0

This critical vulnerability in Cisco Small Business routers allows unauthenticated remote attackers ...

Same vulnerability type (CWE-121)
CVE-2022-20701 10.0

This CVE describes multiple critical vulnerabilities in Cisco Small Business RV series routers that ...

Same vulnerability type (CWE-121)