CVE-2022-4894
High
Published: 16 August 2023
Published
16 August 2023
Modified
21 November 2024
KEV Added
—
Patch
—
CVSS Score v3.1
7.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.0014
33.7th percentile
Risk Priority
15
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2022-4894 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Hp 2Zn49A Firmware. Its CVSS base score is 7.3 (High).
Operationally, ranked at the 33.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-52151
Vulnerability details
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
hp
2zn49a firmware
all versions
hp
2zn50a firmware
all versions
hp
2ky38a firmware
all versions
hp
w7u01a firmware
all versions
hp
w7u02a firmware
all versions
hp
1vr14a firmware
all versions
hp
7uq76a firmware
all versions
hp
7ab26a firmware
all versions
hp
7zb25a firmware
all versions
hp
7zb72a firmware
all versions
+1013 more product configuration(s) — see NVD for full list
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.