Cyber Resilience

CVE-2023-35175

Critical

Published: 30 June 2023

Modified: 21 November 2024
KEV Added: not listed
Patch: available (HP bulletin HPSBPI03851)
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0521 (90.2nd percentile)
Risk Priority: 23 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-35175 is a critical-severity server-side request forgery (SSRF, CWE-918) vulnerability in HP LaserJet Pro MFP M478-M479 (W1A75A) firmware; the other listed models appear under Affected Assets. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 9.8% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

Deeper analysis

Certain HP LaserJet Pro print products are affected by CVE-2023-35175, a server-side request forgery (SSRF) vulnerability in the Web Service Eventing model that can lead to remote code execution or elevation of privilege. The flaw is tracked under CWE-918 and carries a CVSS 3.1 score of 9.8, reflecting network-accessible attack vectors that require no authentication or user interaction.

An unauthenticated remote attacker can supply crafted requests to the affected devices' eventing interfaces, causing the printer firmware to issue arbitrary server-side requests. Successful exploitation may allow the attacker to execute code or escalate privileges on the device.

HP has published security bulletin HPSBPI03851, which directs customers to the referenced support document for firmware updates and configuration guidance that address the issue.

The associated EPSS score has remained flat at 0.0521 with no material increase since disclosure.


Vulnerability details

Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.

CWE(s): CWE-918 (Server-Side Request Forgery)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor | Product | Affected versions
hp | laserjet pro mfp m478-m479 w1a75a firmware | ≤ 002_2322c
hp | laserjet pro mfp m478-m479 w1a76a firmware | ≤ 002_2322c
hp | laserjet pro mfp m478-m479 w1a77a firmware | ≤ 002_2322c
hp | laserjet pro mfp m478-m479 w1a78a firmware | ≤ 002_2322c
hp | laserjet pro mfp m478-m479 w1a79a firmware | ≤ 002_2322c
hp | laserjet pro mfp m478-m479 w1a80a firmware | ≤ 002_2322c
hp | laserjet pro mfp m478-m479 w1a81a firmware | ≤ 002_2322c
hp | laserjet pro mfp m478-m479 w1a82a firmware | ≤ 002_2322c
hp | laserjet pro m453-m454 w1y40a firmware | ≤ 002_2322c
hp | laserjet pro m453-m454 w1y41a firmware | ≤ 002_2322c
+28 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

- Penetration testing attempts server-side requests to internal resources, identifying SSRF weaknesses for remediation. (addresses: CWE-918)
- Outbound connections to external resources can be monitored and limited at the boundary, reducing SSRF impact. (addresses: CWE-918)
- Validates server-side URLs and resource references to block SSRF attempts. (addresses: CWE-918)
- Detects server-side request forgery through monitoring of unexpected outbound connections. (addresses: CWE-918)
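Two of the controls above (limiting printer egress at the boundary, and detecting SSRF through unexpected outbound connections) come down to the same question: which connections does a printer legitimately initiate on its own, and which do not fit that pattern? The script below is an added example written for this page, not HP's code and not tooling from this site. It parses constructed firewall log lines in a key=value format, treats a printer subnet and an egress allowlist as assumptions about the environment, and reports every printer-initiated connection that falls outside the allowlist, whether the firewall allowed or denied it. A denied attempt is still worth a ticket, because a printer asking for an internal file server or an arbitrary external host is not normal printer behaviour.

```python
"""
Added example: flag printer-initiated connections that fall outside an
egress allowlist. Network layout, allowlist and log lines are all constructed
for illustration and are not taken from the advisory.
"""
import ipaddress
import re

# Assumption: the printer fleet lives in 10.20.30.0/24 and everything under
# 10.0.0.0/8 counts as "internal" for scoping a finding.
PRINTER_NETWORKS = [ipaddress.ip_network("10.20.30.0/24")]
INTERNAL_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]

# Assumption: the only destinations a printer here needs to reach on its own
# initiative. Keyed by (destination network, port); value is the purpose.
ALLOWED_EGRESS = {
    (ipaddress.ip_network("10.20.1.2/32"), 53): "internal DNS resolver",
    (ipaddress.ip_network("10.20.1.2/32"), 123): "internal NTP",
    (ipaddress.ip_network("10.20.1.10/32"), 25): "SMTP relay for scan-to-email",
    (ipaddress.ip_network("10.20.1.20/32"), 389): "LDAP for address book lookups",
    # Placeholder for the vendor firmware update endpoint; replace with the
    # address your fleet actually uses.
    (ipaddress.ip_network("198.51.100.7/32"), 443): "firmware update service (placeholder)",
}

# Constructed firewall log format: timestamp, device, then key=value fields.
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+src=(?P<src>[\d.]+)\s+dst=(?P<dst>[\d.]+)\s+"
    r"dport=(?P<dport>\d+)\s+proto=(?P<proto>\w+)\s+action=(?P<action>\w+)"
)


def is_printer(ip):
    """True if the source address belongs to the printer fleet."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRINTER_NETWORKS)


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETWORKS)


def allowed_purpose(dst, dport):
    """Return the allowlist purpose for (dst, dport), or None if not allowed."""
    addr = ipaddress.ip_address(dst)
    for (net, port), purpose in ALLOWED_EGRESS.items():
        if addr in net and port == dport:
            return purpose
    return None


def find_unexpected_printer_egress(lines):
    """Scan log lines; return one finding per printer connection outside the allowlist."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than guess
        src, dst, dport = m["src"], m["dst"], int(m["dport"])
        if not is_printer(src):
            continue  # only printer-initiated traffic is in scope here
        if allowed_purpose(dst, dport):
            continue  # expected printer egress (DNS, NTP, SMTP, LDAP, updates)
        scope = "internal" if is_internal(dst) else "external"
        findings.append({
            "time": m["ts"], "printer": src, "dst": dst, "dport": dport,
            "proto": m["proto"], "action": m["action"], "scope": scope,
            "reason": f"printer-initiated {scope} connection to {dst}:{dport} "
                      f"is not in the egress allowlist",
        })
    return findings


# Constructed sample log: two expected connections, one non-printer host,
# one allowed update fetch, and three printer connections that should be flagged.
SAMPLE_LOG = [
    "2024-11-21T10:01:02Z fw01 src=10.20.30.12 dst=10.20.1.2 dport=53 proto=udp action=allow",
    "2024-11-21T10:01:05Z fw01 src=10.20.30.12 dst=10.20.1.10 dport=25 proto=tcp action=allow",
    "2024-11-21T10:02:17Z fw01 src=10.20.30.12 dst=10.20.1.50 dport=445 proto=tcp action=allow",
    "2024-11-21T10:02:18Z fw01 src=10.20.30.15 dst=203.0.113.40 dport=80 proto=tcp action=allow",
    "2024-11-21T10:02:19Z fw01 src=10.20.5.7 dst=203.0.113.40 dport=80 proto=tcp action=allow",
    "2024-11-21T10:03:00Z fw01 src=10.20.30.15 dst=198.51.100.7 dport=443 proto=tcp action=allow",
    "2024-11-21T10:03:04Z fw01 src=10.20.30.15 dst=10.20.1.50 dport=22 proto=tcp action=deny",
]

if __name__ == "__main__":
    for f in find_unexpected_printer_egress(SAMPLE_LOG):
        print(f"{f['time']} printer={f['printer']} action={f['action']} {f['reason']}")
```

The allowlist is the part that needs local tuning: the right answer for a given fleet is whatever the printers' configured DNS, time, mail relay, directory and update endpoints actually are, and the same table can be handed to the firewall as the egress policy so that monitoring and enforcement agree.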

References