CVE-2024-0794
Critical
Published: 20 February 2024
Published
20 February 2024
Modified
15 April 2026
KEV Added
—
Patch
—
CVSS Score v3.1
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.0295
86.8th percentile
Risk Priority
21
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2024-0794 is a critical-severity Out-of-bounds Read (CWE-125) vulnerability in Hp (inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 13.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-16581
Vulnerability details
Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Hp
—
inferred from references and description; NVD did not file a CPE for this CVE
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.