CVE-2025-43018

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-43018
Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address book.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.hp.com/us-en/document/ish_12807011-12807034-16/hpsbpi04040 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hp:w1a75a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a75a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:hp:w1a76a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a76a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:hp:w1a77a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a77a:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:hp:w1a81a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a81a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:hp:w1a82a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a82a:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:hp:w1a79a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a79a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:hp:w1a80a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a80a:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:hp:w1a78a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a78a:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:hp:w1a29a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a29a:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:hp:w1a32a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a32a:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:hp:w1a30a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a30a:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:hp:w1a38a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a38a:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:hp:w1a34a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a34a:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:hp:w1a35a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a35a:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:hp:w1a28a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a28a:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:hp:w1a31a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a31a:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:hp:w1a33a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:w1a33a:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2025-07-30 15:15

Updated : 2026-02-24 14:37

NVD link : CVE-2025-43018

Mitre link : CVE-2025-43018

CVE.ORG link : CVE-2025-43018

JSON object : View

Products Affected

hp

  • w1a81a_firmware
  • w1a34a_firmware
  • w1a78a_firmware
  • w1a35a
  • w1a33a
  • w1a28a
  • w1a75a
  • w1a81a
  • w1a80a_firmware
  • w1a82a
  • w1a30a
  • w1a31a_firmware
  • w1a28a_firmware
  • w1a32a
  • w1a77a_firmware
  • w1a75a_firmware
  • w1a30a_firmware
  • w1a80a
  • w1a34a
  • w1a77a
  • w1a33a_firmware
  • w1a78a
  • w1a76a_firmware
  • w1a38a
  • w1a32a_firmware
  • w1a31a
  • w1a76a
  • w1a79a
  • w1a35a_firmware
  • w1a38a_firmware
  • w1a79a_firmware
  • w1a29a_firmware
  • w1a29a
  • w1a82a_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor