CVE-2022-28722

Certain HP Print Products are potentially vulnerable to Buffer Overflow.

Published: 2022-09-26 Last update: 2026-06-17 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2022-28722 is rated Moderate Risk (60.2/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 1.00%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2022-28722

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.35% 1.00% +0.65%
2 2026-01-06 0.79% 0.35% -0.44%
3 2025-11-21 0.79%

Full EPSS history (17 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2022-28722

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.8 3.1 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 3.9 5.9 [email protected]
9.8 3.1 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 3.9 5.9 134c704f-9b21-4f2e-91b3-4a467353bcc0

Weakness enumeration for CVE-2022-28722

Affected software / configurations for CVE-2022-28722

Vendor Product Version Raw CPE
hp p4c78a_firmware < 001.2224a cpe:2.3:o:hp:p4c78a_firmware:*:*:*:*:*:*:*:*
hp p4c85a_firmware < 001.2224a cpe:2.3:o:hp:p4c85a_firmware:*:*:*:*:*:*:*:*
hp t3p03a_firmware < 001.2224a cpe:2.3:o:hp:t3p03a_firmware:*:*:*:*:*:*:*:*
hp p4c86a_firmware < 001.2224a cpe:2.3:o:hp:p4c86a_firmware:*:*:*:*:*:*:*:*
hp p4c81a_firmware < 001.2224a cpe:2.3:o:hp:p4c81a_firmware:*:*:*:*:*:*:*:*
hp p4c82a_firmware < 001.2224a cpe:2.3:o:hp:p4c82a_firmware:*:*:*:*:*:*:*:*
hp p4c84a_firmware < 001.2224a cpe:2.3:o:hp:p4c84a_firmware:*:*:*:*:*:*:*:*
hp t0g25a_firmware < 001.2225a cpe:2.3:o:hp:t0g25a_firmware:*:*:*:*:*:*:*:*
hp t0g26a_firmware < 001.2225a cpe:2.3:o:hp:t0g26a_firmware:*:*:*:*:*:*:*:*
hp j7k33a_firmware < 001.2225a cpe:2.3:o:hp:j7k33a_firmware:*:*:*:*:*:*:*:*
hp t0f30a_firmware < 001.2225a cpe:2.3:o:hp:t0f30a_firmware:*:*:*:*:*:*:*:*
hp t0f32a_firmware < 001.2225a cpe:2.3:o:hp:t0f32a_firmware:*:*:*:*:*:*:*:*
hp t0f38a_firmware < 001.2225a cpe:2.3:o:hp:t0f38a_firmware:*:*:*:*:*:*:*:*
hp t0f31a_firmware < 001.2225a cpe:2.3:o:hp:t0f31a_firmware:*:*:*:*:*:*:*:*
hp j7k37a_firmware < 001.2225a cpe:2.3:o:hp:j7k37a_firmware:*:*:*:*:*:*:*:*
hp j7k38a_firmware < 001.2225a cpe:2.3:o:hp:j7k38a_firmware:*:*:*:*:*:*:*:*
hp j7k35a_firmware < 001.2225a cpe:2.3:o:hp:j7k35a_firmware:*:*:*:*:*:*:*:*
hp j7k39a_firmware < 001.2225a cpe:2.3:o:hp:j7k39a_firmware:*:*:*:*:*:*:*:*
hp t0f28a_firmware < 001.2225a cpe:2.3:o:hp:t0f28a_firmware:*:*:*:*:*:*:*:*
hp t0f36a_firmware < 001.2225a cpe:2.3:o:hp:t0f36a_firmware:*:*:*:*:*:*:*:*
hp j7k34a_firmware < 001.2225a cpe:2.3:o:hp:j7k34a_firmware:*:*:*:*:*:*:*:*
hp t0f33a_firmware < 001.2225a cpe:2.3:o:hp:t0f33a_firmware:*:*:*:*:*:*:*:*
hp t0f39a_firmware < 001.2225a cpe:2.3:o:hp:t0f39a_firmware:*:*:*:*:*:*:*:*
hp t0f34a_firmware < 001.2225a cpe:2.3:o:hp:t0f34a_firmware:*:*:*:*:*:*:*:*
hp t0f35a_firmware < 001.2225a cpe:2.3:o:hp:t0f35a_firmware:*:*:*:*:*:*:*:*
hp j7k40a_firmware < 001.2225a cpe:2.3:o:hp:j7k40a_firmware:*:*:*:*:*:*:*:*
hp j7k36a_firmware < 001.2225a cpe:2.3:o:hp:j7k36a_firmware:*:*:*:*:*:*:*:*
hp j7k42a_firmware < 001.2225a cpe:2.3:o:hp:j7k42a_firmware:*:*:*:*:*:*:*:*
hp j7k41a_firmware < 001.2225a cpe:2.3:o:hp:j7k41a_firmware:*:*:*:*:*:*:*:*
hp t0f29a_firmware < 001.2225a cpe:2.3:o:hp:t0f29a_firmware:*:*:*:*:*:*:*:*
hp t0f37a_firmware < 001.2225a cpe:2.3:o:hp:t0f37a_firmware:*:*:*:*:*:*:*:*
hp t0f40a_firmware < 001.2225a cpe:2.3:o:hp:t0f40a_firmware:*:*:*:*:*:*:*:*
hp g5j56a_firmware < 003.2226a cpe:2.3:o:hp:g5j56a_firmware:*:*:*:*:*:*:*:*
hp y0s18a_firmware < 003.2226a cpe:2.3:o:hp:y0s18a_firmware:*:*:*:*:*:*:*:*
hp l3t99a_firmware < 003.2226a cpe:2.3:o:hp:l3t99a_firmware:*:*:*:*:*:*:*:*
hp y0s19a_firmware < 003.2226a cpe:2.3:o:hp:y0s19a_firmware:*:*:*:*:*:*:*:*
hp g5j38a_firmware < 002.2226a cpe:2.3:o:hp:g5j38a_firmware:*:*:*:*:*:*:*:*
hp t1p99a_firmware < 002.2226a cpe:2.3:o:hp:t1p99a_firmware:*:*:*:*:*:*:*:*
hp d9l63a_firmware < 001.2225b cpe:2.3:o:hp:d9l63a_firmware:*:*:*:*:*:*:*:*
hp d9l64a_firmware < 001.2225b cpe:2.3:o:hp:d9l64a_firmware:*:*:*:*:*:*:*:*
hp j3p65a_firmware < 001.2225b cpe:2.3:o:hp:j3p65a_firmware:*:*:*:*:*:*:*:*
hp j3p66a_firmware < 001.2225b cpe:2.3:o:hp:j3p66a_firmware:*:*:*:*:*:*:*:*
hp j3p67a_firmware < 001.2225b cpe:2.3:o:hp:j3p67a_firmware:*:*:*:*:*:*:*:*
hp j3p68a_firmware < 001.2225b cpe:2.3:o:hp:j3p68a_firmware:*:*:*:*:*:*:*:*
hp t0g70a_firmware < 001.2225b cpe:2.3:o:hp:t0g70a_firmware:*:*:*:*:*:*:*:*
hp d9l18a_firmware < 001.2224b cpe:2.3:o:hp:d9l18a_firmware:*:*:*:*:*:*:*:*
hp m9l66a_firmware < 001.2224b cpe:2.3:o:hp:m9l66a_firmware:*:*:*:*:*:*:*:*
hp m9l67a_firmware < 001.2224b cpe:2.3:o:hp:m9l67a_firmware:*:*:*:*:*:*:*:*
hp t0g46a_firmware < 001.2224b cpe:2.3:o:hp:t0g46a_firmware:*:*:*:*:*:*:*:*
hp j6x76a_firmware < 001.2224b cpe:2.3:o:hp:j6x76a_firmware:*:*:*:*:*:*:*:*
hp j6x78a_firmware < 001.2224b cpe:2.3:o:hp:j6x78a_firmware:*:*:*:*:*:*:*:*
hp j6x80a_firmware < 001.2224b cpe:2.3:o:hp:j6x80a_firmware:*:*:*:*:*:*:*:*
hp k7s37a_firmware < 001.2224b cpe:2.3:o:hp:k7s37a_firmware:*:*:*:*:*:*:*:*
hp m9l70a_firmware < 001.2224b cpe:2.3:o:hp:m9l70a_firmware:*:*:*:*:*:*:*:*
hp j6x77a_firmware < 001.2224b cpe:2.3:o:hp:j6x77a_firmware:*:*:*:*:*:*:*:*
hp j6x81a_firmware < 001.2224b cpe:2.3:o:hp:j6x81a_firmware:*:*:*:*:*:*:*:*
hp j6x79a_firmware < 001.2224b cpe:2.3:o:hp:j6x79a_firmware:*:*:*:*:*:*:*:*
hp k7s38a_firmware < 001.2224b cpe:2.3:o:hp:k7s38a_firmware:*:*:*:*:*:*:*:*
hp t0g47a_firmware < 001.2224b cpe:2.3:o:hp:t0g47a_firmware:*:*:*:*:*:*:*:*
hp t0g48a_firmware < 001.2224b cpe:2.3:o:hp:t0g48a_firmware:*:*:*:*:*:*:*:*
hp t0g49a_firmware < 001.2224b cpe:2.3:o:hp:t0g49a_firmware:*:*:*:*:*:*:*:*
hp m9l65a_firmware < 001.2224b cpe:2.3:o:hp:m9l65a_firmware:*:*:*:*:*:*:*:*
hp d9l20a_firmware < d9l20a cpe:2.3:o:hp:d9l20a_firmware:*:*:*:*:*:*:*:*
hp k7s32a_firmware < d9l20a cpe:2.3:o:hp:k7s32a_firmware:*:*:*:*:*:*:*:*
hp d9l21a_firmware < 001.2225b cpe:2.3:o:hp:d9l21a_firmware:*:*:*:*:*:*:*:*
hp k7s42a_firmware < 001.2225b cpe:2.3:o:hp:k7s42a_firmware:*:*:*:*:*:*:*:*
hp t0g65a_firmware < 001.2225b cpe:2.3:o:hp:t0g65a_firmware:*:*:*:*:*:*:*:*
hp k7s39a_firmware < 001.2225b cpe:2.3:o:hp:k7s39a_firmware:*:*:*:*:*:*:*:*
hp j6x83a_firmware < 001.2225b cpe:2.3:o:hp:j6x83a_firmware:*:*:*:*:*:*:*:*
hp k7s43a_firmware < 001.2225b cpe:2.3:o:hp:k7s43a_firmware:*:*:*:*:*:*:*:*
hp k7s40a_firmware < 001.2225b cpe:2.3:o:hp:k7s40a_firmware:*:*:*:*:*:*:*:*
hp k7s41a_firmware < 001.2225b cpe:2.3:o:hp:k7s41a_firmware:*:*:*:*:*:*:*:*
hp j6u57a_firmware < 2228b cpe:2.3:o:hp:j6u57a_firmware:*:*:*:*:*:*:*:*
hp j9v80a_firmware < 2228b cpe:2.3:o:hp:j9v80a_firmware:*:*:*:*:*:*:*:*
hp j6u55a_firmware < 2228b cpe:2.3:o:hp:j6u55a_firmware:*:*:*:*:*:*:*:*
hp j6u51b_firmware < 2228b cpe:2.3:o:hp:j6u51b_firmware:*:*:*:*:*:*:*:*
hp j6u55b_firmware < 2228b cpe:2.3:o:hp:j6u55b_firmware:*:*:*:*:*:*:*:*
hp j9v82a_firmware < 2228b cpe:2.3:o:hp:j9v82a_firmware:*:*:*:*:*:*:*:*
hp w1b28a_firmware < 006.2225a cpe:2.3:o:hp:w1b28a_firmware:*:*:*:*:*:*:*:*
hp y3z45a_firmware < 006.2225a cpe:2.3:o:hp:y3z45a_firmware:*:*:*:*:*:*:*:*

References for CVE-2022-28722

cvelogic Threat Intelligence