CVE-2018-5925

Exp

A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution.

Published: 2018-08-13 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2018-5925 is rated High Exploit Risk (83.7/100): CVSS High severity, with high exploitation likelihood (EPSS 10.89%, 95th percentile). 1 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +4.18% over the last day, indicating growing attacker interest. Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2018-5925

EDB-ID Source Kind Published Link
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2018-5925

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 6.71% 10.89% +4.18%
2 2026-05-05 7.26% 6.71% -0.55%
3 2026-04-05 7.26%

Full EPSS history (25 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2018-5925

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.8 3.0 HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:R)
A real person has to do something—click, install, enable—otherwise it doesn’t land.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 1.8 5.9 [email protected]
9.3 2.0 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 8.6 10.0 [email protected]

Weakness enumeration for CVE-2018-5925

Affected software / configurations for CVE-2018-5925

Vendor Product Version Raw CPE
hp t8x44_firmware 1828a cpe:2.3:o:hp:t8x44_firmware:1828a:*:*:*:*:*:*:*
hp 3aw51a_firmware 1828a cpe:2.3:o:hp:3aw51a_firmware:1828a:*:*:*:*:*:*:*
hp a9u28b_firmware 1828b cpe:2.3:o:hp:a9u28b_firmware:1828b:*:*:*:*:*:*:*
hp d3a82a_firmware 1828b cpe:2.3:o:hp:d3a82a_firmware:1828b:*:*:*:*:*:*:*
hp v1n08a_firmware 1828a cpe:2.3:o:hp:v1n08a_firmware:1828a:*:*:*:*:*:*:*
hp y5h80a_firmware 1828a cpe:2.3:o:hp:y5h80a_firmware:1828a:*:*:*:*:*:*:*
hp d4h24b_firmware 1826a cpe:2.3:o:hp:d4h24b_firmware:1826a:*:*:*:*:*:*:*
hp f5s57a_firmware 1829a cpe:2.3:o:hp:f5s57a_firmware:1829a:*:*:*:*:*:*:*
hp k4t99b_firmware 1829a cpe:2.3:o:hp:k4t99b_firmware:1829a:*:*:*:*:*:*:*
hp k4u04b_firmware 1829a cpe:2.3:o:hp:k4u04b_firmware:1829a:*:*:*:*:*:*:*
hp t8x39_firmware 1828a cpe:2.3:o:hp:t8x39_firmware:1828a:*:*:*:*:*:*:*
hp 1sh08_firmware 1828a cpe:2.3:o:hp:1sh08_firmware:1828a:*:*:*:*:*:*:*
hp 3aw44a_firmware 1828a cpe:2.3:o:hp:3aw44a_firmware:1828a:*:*:*:*:*:*:*
hp a9u19a_firmware 1828b cpe:2.3:o:hp:a9u19a_firmware:1828b:*:*:*:*:*:*:*
hp d3a78b_firmware 1828b cpe:2.3:o:hp:d3a78b_firmware:1828b:*:*:*:*:*:*:*
hp 4uj28b_firmware 1828a cpe:2.3:o:hp:4uj28b_firmware:1828a:*:*:*:*:*:*:*
hp v1n01a_firmware 1828a cpe:2.3:o:hp:v1n01a_firmware:1828a:*:*:*:*:*:*:*
hp y5h60a_firmware 1828a cpe:2.3:o:hp:y5h60a_firmware:1828a:*:*:*:*:*:*:*
hp d4h22a_firmware 1826a cpe:2.3:o:hp:d4h22a_firmware:1826a:*:*:*:*:*:*:*
hp j6u57b_firmware 001.1829a cpe:2.3:o:hp:j6u57b_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82a_firmware 001.1829a cpe:2.3:o:hp:j9v82a_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82b_firmware 001.1829a cpe:2.3:o:hp:j9v82b_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82c_firmware 001.1829a cpe:2.3:o:hp:j9v82c_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v82d_firmware 001.1829a cpe:2.3:o:hp:j9v82d_firmware:001.1829a:*:*:*:*:*:*:*
hp y3z57_firmware 005.1828a cpe:2.3:o:hp:y3z57_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b33_firmware 005.1828a cpe:2.3:o:hp:w1b33_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b39_firmware 005.1828a cpe:2.3:o:hp:w1b39_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b37_firmware 005.1828a cpe:2.3:o:hp:w1b37_firmware:005.1828a:*:*:*:*:*:*:*
hp w1b38_firmware 005.1828a cpe:2.3:o:hp:w1b38_firmware:005.1828a:*:*:*:*:*:*:*
hp j6u55a_firmware 001.1829a cpe:2.3:o:hp:j6u55a_firmware:001.1829a:*:*:*:*:*:*:*
hp j6u55b_firmware 001.1829a cpe:2.3:o:hp:j6u55b_firmware:001.1829a:*:*:*:*:*:*:*
hp j6u55c_firmware 001.1829a cpe:2.3:o:hp:j6u55c_firmware:001.1829a:*:*:*:*:*:*:*
hp j6u55d_firmware 001.1829a cpe:2.3:o:hp:j6u55d_firmware:001.1829a:*:*:*:*:*:*:*
hp y3z45_firmware 005.1828a cpe:2.3:o:hp:y3z45_firmware:005.1828a:*:*:*:*:*:*:*
hp y3z47_firmware 005.1828a cpe:2.3:o:hp:y3z47_firmware:005.1828a:*:*:*:*:*:*:*
hp j9v80a_firmware 001.1829a cpe:2.3:o:hp:j9v80a_firmware:001.1829a:*:*:*:*:*:*:*
hp j9v80b_firmware 001.1829a cpe:2.3:o:hp:j9v80b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q15a_firmware 001.1829a cpe:2.3:o:hp:d3q15a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q15b_firmware 001.1829a cpe:2.3:o:hp:d3q15b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q15d_firmware 001.1829a cpe:2.3:o:hp:d3q15d_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q17a_firmware 001.1829a cpe:2.3:o:hp:d3q17a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q17c_firmware 001.1829a cpe:2.3:o:hp:d3q17c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q17d_firmware 001.1829a cpe:2.3:o:hp:d3q17d_firmware:001.1829a:*:*:*:*:*:*:*
hp y3z46_firmware 005.1828a cpe:2.3:o:hp:y3z46_firmware:005.1828a:*:*:*:*:*:*:*
hp y3z44_firmware 005.1828a cpe:2.3:o:hp:y3z44_firmware:005.1828a:*:*:*:*:*:*:*
hp d3q19a_firmware 001.1829a cpe:2.3:o:hp:d3q19a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q19d_firmware 001.1829a cpe:2.3:o:hp:d3q19d_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20a_firmware 001.1829a cpe:2.3:o:hp:d3q20a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20b_firmware 001.1829a cpe:2.3:o:hp:d3q20b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20c_firmware 001.1829a cpe:2.3:o:hp:d3q20c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q20d_firmware 001.1829a cpe:2.3:o:hp:d3q20d_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q21a_firmware 001.1829a cpe:2.3:o:hp:d3q21a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q21c_firmware 001.1829a cpe:2.3:o:hp:d3q21c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q21d_firmware 001.1829a cpe:2.3:o:hp:d3q21d_firmware:001.1829a:*:*:*:*:*:*:*
hp k9z76a_firmware 001.1829a cpe:2.3:o:hp:k9z76a_firmware:001.1829a:*:*:*:*:*:*:*
hp k9z76d_firmware 001.1829a cpe:2.3:o:hp:k9z76d_firmware:001.1829a:*:*:*:*:*:*:*
hp w1b31_firmware 005.1828a cpe:2.3:o:hp:w1b31_firmware:005.1828a:*:*:*:*:*:*:*
hp y3z54_firmware 005.1828a cpe:2.3:o:hp:y3z54_firmware:005.1828a:*:*:*:*:*:*:*
hp d3q16a_firmware 001.1829a cpe:2.3:o:hp:d3q16a_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q16b_firmware 001.1829a cpe:2.3:o:hp:d3q16b_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q16c_firmware 001.1829a cpe:2.3:o:hp:d3q16c_firmware:001.1829a:*:*:*:*:*:*:*
hp d3q16d_firmware 001.1829a cpe:2.3:o:hp:d3q16d_firmware:001.1829a:*:*:*:*:*:*:*
hp cn459a_firmware 1829b cpe:2.3:o:hp:cn459a_firmware:1829b:*:*:*:*:*:*:*
hp cn463a_firmware 1829b cpe:2.3:o:hp:cn463a_firmware:1829b:*:*:*:*:*:*:*
hp cn460a_firmware 1829b cpe:2.3:o:hp:cn460a_firmware:1829b:*:*:*:*:*:*:*
hp cn461a_firmware 1829b cpe:2.3:o:hp:cn461a_firmware:1829b:*:*:*:*:*:*:*
hp cv037a_firmware 1829b cpe:2.3:o:hp:cv037a_firmware:1829b:*:*:*:*:*:*:*
hp cn598a_firmware 1829b cpe:2.3:o:hp:cn598a_firmware:1829b:*:*:*:*:*:*:*
hp n9m07a_firmware 1829a cpe:2.3:o:hp:n9m07a_firmware:1829a:*:*:*:*:*:*:*
hp cq891a_firmware 1829b cpe:2.3:o:hp:cq891a_firmware:1829b:*:*:*:*:*:*:*
hp cq891b_firmware 1829b cpe:2.3:o:hp:cq891b_firmware:1829b:*:*:*:*:*:*:*
hp cq891c_firmware 1829b cpe:2.3:o:hp:cq891c_firmware:1829b:*:*:*:*:*:*:*
hp cq891ar_firmware 1829b cpe:2.3:o:hp:cq891ar_firmware:1829b:*:*:*:*:*:*:*
hp cq890a_firmware 1829b cpe:2.3:o:hp:cq890a_firmware:1829b:*:*:*:*:*:*:*
hp cq890b_firmware 1829b cpe:2.3:o:hp:cq890b_firmware:1829b:*:*:*:*:*:*:*
hp cq890c_firmware 1829b cpe:2.3:o:hp:cq890c_firmware:1829b:*:*:*:*:*:*:*
hp cq890d_firmware 1829b cpe:2.3:o:hp:cq890d_firmware:1829b:*:*:*:*:*:*:*
hp cq890e_firmware 1829b cpe:2.3:o:hp:cq890e_firmware:1829b:*:*:*:*:*:*:*
hp cq890ar_firmware 1829b cpe:2.3:o:hp:cq890ar_firmware:1829b:*:*:*:*:*:*:*
hp cq893a_firmware 1829b cpe:2.3:o:hp:cq893a_firmware:1829b:*:*:*:*:*:*:*

References for CVE-2018-5925

URL Tags
http://www.securityfocus.com/bid/105010 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041415 Third Party Advisory VDB Entry
https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/ Exploit Issue Tracking Third Party Advisory
https://support.hp.com/us-en/document/c06097712 Vendor Advisory
cvelogic Threat Intelligence