CVE-2025-2268
Published: 14 March 2025
Summary
CVE-2025-2268 is a high-severity Improper Handling of Unexpected Data Type (CWE-241) vulnerability in HP 6Gx09A Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE is ranked in the top 39.9% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Flaw remediation directly addresses the vulnerability by applying HP patches for the IPP DoS issue as detailed in the security bulletin.
Denial-of-service protection implements mechanisms like rate limiting and traffic filtering to block specially crafted IPP requests targeting printer availability.
Information input validation ensures the IPP service rejects or sanitizes malformed requests, preventing the crash that leads to denial of service.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables remote exploitation of a software flaw in IPP handling to crash or disrupt the printer service, directly matching T1499.004 Application or System Exploitation for denying availability.
NVD Description
The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).
Deeper analysis
CVE-2025-2268 is a denial-of-service vulnerability affecting the HP LaserJet MFP M232-M237 Printer Series. The issue arises when a specially crafted request message is sent via the Internet Printing Protocol (IPP), potentially disrupting printer functionality. Published on 2025-03-14, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is linked to CWE-241.
Remote attackers can exploit this vulnerability over the network with low complexity, requiring no privileges, authentication, or user interaction. By transmitting a malicious IPP request to an affected printer, an attacker can cause a denial of service, severely impacting availability while leaving confidentiality and integrity unaffected.
HP has issued a security bulletin detailing the vulnerability at https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013, which security practitioners should consult for patch availability and mitigation guidance.
Details
- CWE(s)