1. Home
  2. Vulnerabilities
  3. CVE-2025-2268
7.5
HIGH CVSS 3.1
CVE-2025-2268
HP LaserJet MFP M232-M237 Printer Series - Potential Denial of Service
Description

The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).

INFO

Published Date :

March 14, 2025, 2:15 p.m.

Last Modified :

Jan. 16, 2026, 4:33 p.m.

Remotely Exploit :

Yes !

Source :

[email protected]
Affected Products

The following products are affected by CVE-2025-2268 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Hp 6hu08a_firmware
2 Hp 6hu08a
3 Hp 6gx09a_firmware
4 Hp 6gx09a
5 Hp 6gx09e_firmware
6 Hp 6gx09e
7 Hp 9yf91e_firmware
8 Hp 9yf91e
9 Hp 9yg02e_firmware
10 Hp 9yg02e
11 Hp 9yg05e_firmware
12 Hp 9yg05e
13 Hp 6gw71a_firmware
14 Hp 6gw71a
15 Hp 6gw99a_firmware
16 Hp 6gw99a
17 Hp 6gx00a_firmware
18 Hp 6gx00a
19 Hp 6gx03a_firmware
20 Hp 6gx03a
21 Hp 6gx04a_firmware
22 Hp 6gx04a
23 Hp 6gx05a_firmware
24 Hp 6gx05a
25 Hp 6gx06a_firmware
26 Hp 6gx06a
27 Hp 9yf88a_firmware
28 Hp 9yf88a
29 Hp 9yf89a_firmware
30 Hp 9yf89a
31 Hp 9yf90a_firmware
32 Hp 9yf90a
33 Hp 9yf91a_firmware
34 Hp 9yf91a
35 Hp 9yf92a_firmware
36 Hp 9yf92a
37 Hp 9yf94a_firmware
38 Hp 9yf94a
39 Hp 9yf95a_firmware
40 Hp 9yf95a
41 Hp 9yf96a_firmware
42 Hp 9yf96a
43 Hp 9yf97a_firmware
44 Hp 9yf97a
45 Hp 9yf98a_firmware
46 Hp 9yf98a
47 Hp 9yg02a_firmware
48 Hp 9yg02a
49 Hp 9yg05a_firmware
50 Hp 9yg05a
51 Hp 9yg08a_firmware
52 Hp 9yg08a
53 Hp 9yg09a_firmware
54 Hp 9yg09a
55 Hp 9yg10a_firmware
56 Hp 9yg10a
57 Hp 9yg11a_firmware
58 Hp 9yg11a
59 Hp 1y7d4a_firmware
60 Hp 1y7d4a
61 Hp 2a129a_firmware
62 Hp 2a129a
63 Hp 2a130a_firmware
64 Hp 2a130a
65 Hp 2u589a_firmware
66 Hp 2u589a
67 Hp 2u589f_firmware
68 Hp 2u589f
69 Hp 7md69a_firmware
70 Hp 7md69a
71 Hp 7md70a_firmware
72 Hp 7md70a
73 Hp 7md70f_firmware
74 Hp 7md70f
75 Hp 7md71a_firmware
76 Hp 7md71a
77 Hp 7md72a_firmware
78 Hp 7md72a
79 Hp 7md73a_firmware
80 Hp 7md73a
81 Hp 7md74a_firmware
82 Hp 7md74a
83 Hp 6gw99e_firmware
84 Hp 6gw99e
85 Hp 6gx00e_firmware
86 Hp 6gx00e
87 Hp 6gx01a_firmware
88 Hp 6gx01a
89 Hp 6gx02e_firmware
90 Hp 6gx02e
91 Hp 6gx05e_firmware
92 Hp 6gx05e
93 Hp 7md75a_firmware
94 Hp 7md75a
95 Hp 7md76a_firmware
96 Hp 7md76a
97 Hp 2a130e_firmware
98 Hp 2a130e
99 Hp 2u589e_firmware
100 Hp 2u589e
101 Hp 7md70e_firmware
102 Hp 7md70e
103 Hp 7md72e_firmware
104 Hp 7md72e
105 Hp 7md74e_firmware
106 Hp 7md74e
107 Hp 7md76e_firmware
108 Hp 7md76e
: Total Affected Vendor : 1 | Products : 108
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 HIGH [email protected]
CVSS 4.0 MEDIUM [email protected]
Solution
Update printer firmware to prevent denial of service via specially crafted IPP requests.
  • Update the printer firmware to the latest version.
  • Disable or restrict access to the Internet Printing Protocol (IPP).
Public PoC/Exploit Available at Github

CVE-2025-2268 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-2268.

URL Resource
https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013 Vendor Advisory
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-2268 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-2268 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
s0uthwood/netpuzz

None

C++

Updated: 3 months ago
0 stars 0 fork 0 watcher
Born at : Aug. 19, 2024, 2:08 p.m. This repo has been linked 10 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-2268 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-2268 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Jan. 16, 2026

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx09a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx09a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx09e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx09e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf91e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf91e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg02e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg02e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg05e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg05e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gw71a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gw71a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gw99a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gw99a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx00a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx00a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx03a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx03a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx04a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx04a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx05a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx05a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx06a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx06a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf88a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf88a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf89a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf89a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf90a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf90a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf91a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf91a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf92a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf92a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf94a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf94a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf95a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf95a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf96a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf96a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf97a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf97a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yf98a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yf98a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg02a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg02a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg05a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg05a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg08a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg08a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg09a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg09a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg10a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg10a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:9yg11a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:9yg11a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:1y7d4a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:1y7d4a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:2a129a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:2a129a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:2a130a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:2a130a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:2u589a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:2u589a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:2u589f_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:2u589f:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md69a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md69a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md70a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md70a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md70f_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md70f:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md71a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md71a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md72a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md72a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md73a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md73a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md74a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md74a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gw99e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gw99e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx00e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx00e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx01a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx01a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx02e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx02e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6gx05e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6gx05e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md75a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md75a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md76a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md76a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:2a130e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:2a130e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:2u589e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:2u589e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:6hu08a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:6hu08a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md70e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md70e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md72e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md72e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md74e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md74e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:hp:7md76e_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2025-03-24 OR cpe:2.3:h:hp:7md76e:-:*:*:*:*:*:*:*
    Added Reference Type HP Inc.: https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013 Types: Vendor Advisory
  • New CVE Received by [email protected]

    Mar. 14, 2025

    Action Type Old Value New Value
    Added Description The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CWE CWE-241
    Added Reference https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
Base CVSS Score: 6.9
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Base CVSS Score: 7.5
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact