Disclosure and Modification of Information
Source: HP, HP Product Security Response Team (PSRT)
Reported by: N/A
Certain HP printers are vulnerable to the Key Negotiation of Bluetooth (KNOB) attack. Data over Bluetooth can be intercepted, decrypted, and modified by an unauthorized local party.
VULNERABILITY SUMMARY
note:All product versions are impacted prior to the firmware versions listed.
Reference
|
Base vector
|
Base score
|
CVE-2019-9506
|
CVSS:3.0/ AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
8.1 (High)
|
Product name
|
Model number
|
Firmware revision
|
HP OfficeJet 200 Mobile Printer series
|
CZ993A
L9B95A
|
1940A or later
|
HP OfficeJet 202 Mobile Printer
|
N4L14C
N4K99C
|
1940A or later
|
HP OfficeJet 250 Mobile All-in-One Printer series
|
CZ992A
L9D57A
N4L17A
|
1940A or later
|
HP OfficeJet 252 Mobile All-in-One Printer
|
N4L16C
N4L18C
|
1940A or later
|
HP Sprocket 200 Printer series
|
1AS85A - 1AS98A
|
1939A or later
|
HP Sprocket Select Photo Printer series
|
5XH49A - 5XH50A
|
1941A or later
|
HP Sprocket Studio series
|
3MP72A - 3MP74A
6SE08A
3XT68A
|
1942A or later
|
Product name
|
Model number
|
HP Sprocket Photo Printer
|
X7N07A - X7N08A
Z3Z89A - Z3Z94A
Z9L25A - Z9L29A
5DP49A
1BG86A
7CF16A
|
HP Sprocket 2-in-1 Printer
|
2FB96A - 2FB98A
|
HP Sprocket Plus Printer
|
2FR85A - 2FR87A
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|