Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-2268

The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.5, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 108 products from hp, from hp, from hp and 105 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2025, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2025-03-14T14:15:20.270

Last Modified

2026-01-16T16:33:16.067

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-241

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	hp	6gx09a_firmware	< 2025-03-24	Yes
Hardware	hp	6gx09a	-	No
Operating System	hp	6gx09e_firmware	< 2025-03-24	Yes
Hardware	hp	6gx09e	-	No
Operating System	hp	9yf91e_firmware	< 2025-03-24	Yes
Hardware	hp	9yf91e	-	No
Operating System	hp	9yg02e_firmware	< 2025-03-24	Yes
Hardware	hp	9yg02e	-	No
Operating System	hp	9yg05e_firmware	< 2025-03-24	Yes
Hardware	hp	9yg05e	-	No
Operating System	hp	6gw71a_firmware	< 2025-03-24	Yes
Hardware	hp	6gw71a	-	No
Operating System	hp	6gw99a_firmware	< 2025-03-24	Yes
Hardware	hp	6gw99a	-	No
Operating System	hp	6gx00a_firmware	< 2025-03-24	Yes
Hardware	hp	6gx00a	-	No
Operating System	hp	6gx03a_firmware	< 2025-03-24	Yes
Hardware	hp	6gx03a	-	No
Operating System	hp	6gx04a_firmware	< 2025-03-24	Yes
Hardware	hp	6gx04a	-	No
Operating System	hp	6gx05a_firmware	< 2025-03-24	Yes
Hardware	hp	6gx05a	-	No
Operating System	hp	6gx06a_firmware	< 2025-03-24	Yes
Hardware	hp	6gx06a	-	No
Operating System	hp	9yf88a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf88a	-	No
Operating System	hp	9yf89a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf89a	-	No
Operating System	hp	9yf90a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf90a	-	No
Operating System	hp	9yf91a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf91a	-	No
Operating System	hp	9yf92a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf92a	-	No
Operating System	hp	9yf94a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf94a	-	No
Operating System	hp	9yf95a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf95a	-	No
Operating System	hp	9yf96a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf96a	-	No
Operating System	hp	9yf97a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf97a	-	No
Operating System	hp	9yf98a_firmware	< 2025-03-24	Yes
Hardware	hp	9yf98a	-	No
Operating System	hp	9yg02a_firmware	< 2025-03-24	Yes
Hardware	hp	9yg02a	-	No
Operating System	hp	9yg05a_firmware	< 2025-03-24	Yes
Hardware	hp	9yg05a	-	No
Operating System	hp	9yg08a_firmware	< 2025-03-24	Yes
Hardware	hp	9yg08a	-	No
Operating System	hp	9yg09a_firmware	< 2025-03-24	Yes
Hardware	hp	9yg09a	-	No
Operating System	hp	9yg10a_firmware	< 2025-03-24	Yes
Hardware	hp	9yg10a	-	No
Operating System	hp	9yg11a_firmware	< 2025-03-24	Yes
Hardware	hp	9yg11a	-	No
Operating System	hp	1y7d4a_firmware	< 2025-03-24	Yes
Hardware	hp	1y7d4a	-	No
Operating System	hp	2a129a_firmware	< 2025-03-24	Yes
Hardware	hp	2a129a	-	No
Operating System	hp	2a130a_firmware	< 2025-03-24	Yes
Hardware	hp	2a130a	-	No
Operating System	hp	2u589a_firmware	< 2025-03-24	Yes
Hardware	hp	2u589a	-	No
Operating System	hp	2u589f_firmware	< 2025-03-24	Yes
Hardware	hp	2u589f	-	No
Operating System	hp	7md69a_firmware	< 2025-03-24	Yes
Hardware	hp	7md69a	-	No
Operating System	hp	7md70a_firmware	< 2025-03-24	Yes
Hardware	hp	7md70a	-	No
Operating System	hp	7md70f_firmware	< 2025-03-24	Yes
Hardware	hp	7md70f	-	No
Operating System	hp	7md71a_firmware	< 2025-03-24	Yes
Hardware	hp	7md71a	-	No
Operating System	hp	7md72a_firmware	< 2025-03-24	Yes
Hardware	hp	7md72a	-	No
Operating System	hp	7md73a_firmware	< 2025-03-24	Yes
Hardware	hp	7md73a	-	No
Operating System	hp	7md74a_firmware	< 2025-03-24	Yes
Hardware	hp	7md74a	-	No
Operating System	hp	6gw99e_firmware	< 2025-03-24	Yes
Hardware	hp	6gw99e	-	No
Operating System	hp	6gx00e_firmware	< 2025-03-24	Yes
Hardware	hp	6gx00e	-	No
Operating System	hp	6gx01a_firmware	< 2025-03-24	Yes
Hardware	hp	6gx01a	-	No
Operating System	hp	6gx02e_firmware	< 2025-03-24	Yes
Hardware	hp	6gx02e	-	No
Operating System	hp	6gx05e_firmware	< 2025-03-24	Yes
Hardware	hp	6gx05e	-	No
Operating System	hp	7md75a_firmware	< 2025-03-24	Yes
Hardware	hp	7md75a	-	No
Operating System	hp	7md76a_firmware	< 2025-03-24	Yes
Hardware	hp	7md76a	-	No
Operating System	hp	2a130e_firmware	< 2025-03-24	Yes
Hardware	hp	2a130e	-	No
Operating System	hp	2u589e_firmware	< 2025-03-24	Yes
Hardware	hp	2u589e	-	No
Operating System	hp	6hu08a_firmware	< 2025-03-24	Yes
Hardware	hp	6hu08a	-	No
Operating System	hp	7md70e_firmware	< 2025-03-24	Yes
Hardware	hp	7md70e	-	No
Operating System	hp	7md72e_firmware	< 2025-03-24	Yes
Hardware	hp	7md72e	-	No
Operating System	hp	7md74e_firmware	< 2025-03-24	Yes
Hardware	hp	7md74e	-	No
Operating System	hp	7md76e_firmware	< 2025-03-24	Yes
Hardware	hp	7md76e	-	No

References

https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013 Vendor Advisory ([email protected])

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For hp's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.