CVE-2018-5924

A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution.

Published: 2018-08-13 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2018-5924 is rated High Risk (67.7/100): CVSS Critical severity, with high exploitation likelihood (EPSS 12.23%, 96th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2018-5924

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 17.35% 12.23% -5.12%
2 2026-05-05 18.57% 17.35% -1.22%
3 2026-04-05 18.57%

Full EPSS history (25 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2018-5924

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.8 3.0 CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
3.9 5.9 [email protected]
7.5 2.0 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
10.0 6.4 [email protected]

Weakness enumeration for CVE-2018-5924

Affected software / configurations for CVE-2018-5924

Vendor Product Version Raw CPE
hp t8x44_firmware 1828a cpe:2.3:o:hp:t8x44_firmware:1828a:*:*:*:*:*:*:*
hp 3aw51a_firmware 1828a cpe:2.3:o:hp:3aw51a_firmware:1828a:*:*:*:*:*:*:*
hp a9u28b_firmware 1828b cpe:2.3:o:hp:a9u28b_firmware:1828b:*:*:*:*:*:*:*
hp d3a82a_firmware 1828b cpe:2.3:o:hp:d3a82a_firmware:1828b:*:*:*:*:*:*:*
hp v1n08a_firmware 1828a cpe:2.3:o:hp:v1n08a_firmware:1828a:*:*:*:*:*:*:*
hp y5h80a_firmware 1828a cpe:2.3:o:hp:y5h80a_firmware:1828a:*:*:*:*:*:*:*
hp d4h24b_firmware 1826a cpe:2.3:o:hp:d4h24b_firmware:1826a:*:*:*:*:*:*:*
hp f5s57a_firmware 1829a cpe:2.3:o:hp:f5s57a_firmware:1829a:*:*:*:*:*:*:*
hp k4t99b_firmware 1829a cpe:2.3:o:hp:k4t99b_firmware:1829a:*:*:*:*:*:*:*
hp k4u04b_firmware 1829a cpe:2.3:o:hp:k4u04b_firmware:1829a:*:*:*:*:*:*:*
hp t8x39_firmware 1828a cpe:2.3:o:hp:t8x39_firmware:1828a:*:*:*:*:*:*:*
hp 1sh08_firmware 1828a cpe:2.3:o:hp:1sh08_firmware:1828a:*:*:*:*:*:*:*
hp 3aw44a_firmware 1828a cpe:2.3:o:hp:3aw44a_firmware:1828a:*:*:*:*:*:*:*
hp a9u19a_firmware 1828b cpe:2.3:o:hp:a9u19a_firmware:1828b:*:*:*:*:*:*:*
hp d3a78b_firmware 1828b cpe:2.3:o:hp:d3a78b_firmware:1828b:*:*:*:*:*:*:*
hp 4uj28b_firmware 1828a cpe:2.3:o:hp:4uj28b_firmware:1828a:*:*:*:*:*:*:*
hp v1n01a_firmware 1828a cpe:2.3:o:hp:v1n01a_firmware:1828a:*:*:*:*:*:*:*
hp y5h60a_firmware 1828a cpe:2.3:o:hp:y5h60a_firmware:1828a:*:*:*:*:*:*:*
hp d4h22a_firmware 1826a cpe:2.3:o:hp:d4h22a_firmware:1826a:*:*:*:*:*:*:*
hp j6u57b_firmware 001.1829a cpe:2.3:o:hp:j6u57b_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82a_firmware 001.1829a cpe:2.3:o:hp:j9v82a_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82b_firmware 001.1829a cpe:2.3:o:hp:j9v82b_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82c_firmware 001.1829a cpe:2.3:o:hp:j9v82c_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82d_firmware 001.1829a cpe:2.3:o:hp:j9v82d_firmware:001.1829a:*:*:*:*:*:*:*
hp y3z57_firmware 005.1828a cpe:2.3:o:hp:y3z57_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b33_firmware 005.1828a cpe:2.3:o:hp:w1b33_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b39_firmware 005.1828a cpe:2.3:o:hp:w1b39_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b37_firmware 005.1828a cpe:2.3:o:hp:w1b37_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b38_firmware 005.1828a cpe:2.3:o:hp:w1b38_firmware:005.1828a:*:*:*:*:*:*:*
hp j6u55a_firmware 001.1829a cpe:2.3:o:hp:j6u55a_firmware:001.1829a:*:*:*:*:*:*:*
hp j6u55b_firmware 001.1829a cpe:2.3:o:hp:j6u55b_firmware:001.1829a:*:*:*:*:*:*:*
hp j6u55c_firmware 001.1829a cpe:2.3:o:hp:j6u55c_firmware:001.1829a:*:*:*:*:*:*:*
hp j6u55d_firmware 001.1829a cpe:2.3:o:hp:j6u55d_firmware:001.1829a:*:*:*:*:*:*:*
hp y3z45_firmware 005.1828a cpe:2.3:o:hp:y3z45_firmware:005.1828a:*:*:*:*:*:*:*
hp y3z47_firmware 005.1828a cpe:2.3:o:hp:y3z47_firmware:005.1828a:*:*:*:*:*:*:*
hp j9v80a_firmware 001.1829a cpe:2.3:o:hp:j9v80a_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v80b_firmware 001.1829a cpe:2.3:o:hp:j9v80b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q15a_firmware 001.1829a cpe:2.3:o:hp:d3q15a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q15b_firmware 001.1829a cpe:2.3:o:hp:d3q15b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q15d_firmware 001.1829a cpe:2.3:o:hp:d3q15d_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q17a_firmware 001.1829a cpe:2.3:o:hp:d3q17a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q17c_firmware 001.1829a cpe:2.3:o:hp:d3q17c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q17d_firmware 001.1829a cpe:2.3:o:hp:d3q17d_firmware:001.1829a:*:*:*:*:*:*:*
hp y3z46_firmware 005.1828a cpe:2.3:o:hp:y3z46_firmware:005.1828a:*:*:*:*:*:*:*
hp y3z44_firmware 005.1828a cpe:2.3:o:hp:y3z44_firmware:005.1828a:*:*:*:*:*:*:*
hp d3q19a_firmware 001.1829a cpe:2.3:o:hp:d3q19a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q19d_firmware 001.1829a cpe:2.3:o:hp:d3q19d_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20a_firmware 001.1829a cpe:2.3:o:hp:d3q20a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20b_firmware 001.1829a cpe:2.3:o:hp:d3q20b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20c_firmware 001.1829a cpe:2.3:o:hp:d3q20c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20d_firmware 001.1829a cpe:2.3:o:hp:d3q20d_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q21a_firmware 001.1829a cpe:2.3:o:hp:d3q21a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q21c_firmware 001.1829a cpe:2.3:o:hp:d3q21c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q21d_firmware 001.1829a cpe:2.3:o:hp:d3q21d_firmware:001.1829a:*:*:*:*:*:*:*
hp k9z76a_firmware 001.1829a cpe:2.3:o:hp:k9z76a_firmware:001.1829a:*:*:*:*:*:*:*
hp k9z76d_firmware 001.1829a cpe:2.3:o:hp:k9z76d_firmware:001.1829a:*:*:*:*:*:*:*
hp w1b31_firmware 005.1828a cpe:2.3:o:hp:w1b31_firmware:005.1828a:*:*:*:*:*:*:*
hp y3z54_firmware 005.1828a cpe:2.3:o:hp:y3z54_firmware:005.1828a:*:*:*:*:*:*:*
hp d3q16a_firmware 001.1829a cpe:2.3:o:hp:d3q16a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q16b_firmware 001.1829a cpe:2.3:o:hp:d3q16b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q16c_firmware 001.1829a cpe:2.3:o:hp:d3q16c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q16d_firmware 001.1829a cpe:2.3:o:hp:d3q16d_firmware:001.1829a:*:*:*:*:*:*:*
hp cn459a_firmware 1829b cpe:2.3:o:hp:cn459a_firmware:1829b:*:*:*:*:*:*:*
hp cn463a_firmware 1829b cpe:2.3:o:hp:cn463a_firmware:1829b:*:*:*:*:*:*:*
hp cn460a_firmware 1829b cpe:2.3:o:hp:cn460a_firmware:1829b:*:*:*:*:*:*:*
hp cn461a_firmware 1829b cpe:2.3:o:hp:cn461a_firmware:1829b:*:*:*:*:*:*:*
hp cv037a_firmware 1829b cpe:2.3:o:hp:cv037a_firmware:1829b:*:*:*:*:*:*:*
hp cn598a_firmware 1829b cpe:2.3:o:hp:cn598a_firmware:1829b:*:*:*:*:*:*:*
hp n9m07a_firmware 1829a cpe:2.3:o:hp:n9m07a_firmware:1829a:*:*:*:*:*:*:*
hp cq891a_firmware 1829b cpe:2.3:o:hp:cq891a_firmware:1829b:*:*:*:*:*:*:*
hp cq891b_firmware 1829b cpe:2.3:o:hp:cq891b_firmware:1829b:*:*:*:*:*:*:*
hp cq891c_firmware 1829b cpe:2.3:o:hp:cq891c_firmware:1829b:*:*:*:*:*:*:*
hp cq891ar_firmware 1829b cpe:2.3:o:hp:cq891ar_firmware:1829b:*:*:*:*:*:*:*
hp cq890a_firmware 1829b cpe:2.3:o:hp:cq890a_firmware:1829b:*:*:*:*:*:*:*
hp cq890b_firmware 1829b cpe:2.3:o:hp:cq890b_firmware:1829b:*:*:*:*:*:*:*
hp cq890c_firmware 1829b cpe:2.3:o:hp:cq890c_firmware:1829b:*:*:*:*:*:*:*
hp cq890d_firmware 1829b cpe:2.3:o:hp:cq890d_firmware:1829b:*:*:*:*:*:*:*
hp cq890e_firmware 1829b cpe:2.3:o:hp:cq890e_firmware:1829b:*:*:*:*:*:*:*
hp cq890ar_firmware 1829b cpe:2.3:o:hp:cq890ar_firmware:1829b:*:*:*:*:*:*:*
hp cq893a_firmware 1829b cpe:2.3:o:hp:cq893a_firmware:1829b:*:*:*:*:*:*:*

References for CVE-2018-5924

cvelogic Threat Intelligence