CVE-2026-4682: CWE-121 Stack-based buffer overflow in HP Inc HP DeskJet 2800e All-in-One Printer series
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices (WSD) scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allows a PC to discover scanners (and MFPs) on a network and send scan jobs to them without requiring vendor specific drivers or utilities.
AI Analysis
Technical Summary
This vulnerability involves a stack-based buffer overflow (CWE-121) in HP DeskJet 2800e All-in-One printers triggered by malformed WSD scan requests. The flaw allows remote attackers to execute arbitrary code by sending crafted network requests via the WSD protocol, which is used for network scanning on Windows systems. The vulnerability has a CVSS 4.0 score of 8.7, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, but high impact on confidentiality, integrity, and availability. The vendor has not yet provided an official fix or remediation details.
Potential Impact
Successful exploitation could lead to remote code execution on affected HP DeskJet 2800e All-in-One printers, compromising device integrity and potentially allowing attackers to control the device or disrupt its operation. The vulnerability affects network-exposed scanning functionality via WSD, which is enabled by default on Windows networks. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider disabling WSD scanning functionality on affected devices if possible or restricting network access to the printers to trusted hosts only to reduce exposure.
CVE-2026-4682: CWE-121 Stack-based buffer overflow in HP Inc HP DeskJet 2800e All-in-One Printer series
Description
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices (WSD) scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allows a PC to discover scanners (and MFPs) on a network and send scan jobs to them without requiring vendor specific drivers or utilities.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves a stack-based buffer overflow (CWE-121) in HP DeskJet 2800e All-in-One printers triggered by malformed WSD scan requests. The flaw allows remote attackers to execute arbitrary code by sending crafted network requests via the WSD protocol, which is used for network scanning on Windows systems. The vulnerability has a CVSS 4.0 score of 8.7, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, but high impact on confidentiality, integrity, and availability. The vendor has not yet provided an official fix or remediation details.
Potential Impact
Successful exploitation could lead to remote code execution on affected HP DeskJet 2800e All-in-One printers, compromising device integrity and potentially allowing attackers to control the device or disrupt its operation. The vulnerability affects network-exposed scanning functionality via WSD, which is enabled by default on Windows networks. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider disabling WSD scanning functionality on affected devices if possible or restricting network access to the printers to trusted hosts only to reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- hp
- Date Reserved
- 2026-03-23T22:00:03.720Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69dfa86082d89c981f539bdc
Added to database: 4/15/2026, 3:01:52 PM
Last enriched: 4/15/2026, 3:16:50 PM
Last updated: 4/15/2026, 5:14:09 PM
Views: 18
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.