Description
Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.
Published: 2026-02-10
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch
AI Analysis

Impact

Certain HP OfficeJet Pro printers may suffer a denial of service when IPP requests are mishandled, causing the printer to fail to establish a TCP connection and become unresponsive. This flaw can halt printing operations and disrupt office workflow, but it does not appear to allow exploitation of confidential data or elevation of privileges.

Affected Systems

The vulnerability impacts HP Inc. OfficeJet Pro 8710 All‑In‑One Printer series, including models identified by the CPE strings for HP OfficeJet Pro 8710 printers. The affected firmware is listed under the HP OfficeJet Pro 8710 firmware CPEs.

Risk and Exploitability

The CVSS score of 6.9 indicates a moderate to high severity, while the EPSS score of less than 1% suggests a very low probability of widespread exploitation at present. The flaw is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is a remote attacker sending crafted IPP traffic over the network to the printer, which is then unable to establish a TCP connection and goes offline. No prerequisites beyond network connectivity to the printer are noted; therefore the vulnerability can be exploited from any location that can reach the printer over IPP.

Generated by OpenCVE AI on April 17, 2026 at 20:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the printer firmware to the latest version provided by HP for the OfficeJet Pro 8710 series.
  • Limit the printer’s exposure by placing it behind a firewall or VLAN that restricts inbound IPP traffic to trusted devices.
  • Disable IPP services if they are not required for your printing environment.
  • Monitor printer status logs for signs of repeated connection failures and act promptly if patterns emerge.

Generated by OpenCVE AI on April 17, 2026 at 20:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Feb 2026 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Hp
Hp d9l18a
Hp d9l18a Firmware
Hp j6x76a
Hp j6x76a Firmware
Hp j6x77a
Hp j6x77a Firmware
Hp j6x78a
Hp j6x78a Firmware
Hp j6x79a
Hp j6x79a Firmware
Hp j6x80a
Hp j6x80a Firmware
Hp j6x81a
Hp j6x81a Firmware
Hp k7s37a
Hp k7s37a Firmware
Hp k7s38a
Hp k7s38a Firmware
Hp m9l65a
Hp m9l65a Firmware
Hp m9l66a
Hp m9l66a Firmware
Hp m9l67a
Hp m9l67a Firmware
Hp m9l70a
Hp m9l70a Firmware
Hp t0g46a
Hp t0g46a Firmware
Hp t0g47a
Hp t0g47a Firmware
Hp t0g48a
Hp t0g48a Firmware
Hp t0g49a
Hp t0g49a Firmware
CPEs cpe:2.3:h:hp:d9l18a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:j6x76a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:j6x77a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:j6x78a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:j6x79a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:j6x80a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:j6x81a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:k7s37a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:k7s38a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:m9l65a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:m9l66a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:m9l67a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:m9l70a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:t0g46a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:t0g47a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:t0g48a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:t0g49a:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:d9l18a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:j6x76a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:j6x77a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:j6x78a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:j6x79a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:j6x80a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:j6x81a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:k7s37a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:k7s38a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:m9l65a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:m9l66a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:m9l67a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:m9l70a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:t0g46a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:t0g47a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:t0g48a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:t0g49a_firmware:*:*:*:*:*:*:*:*
Vendors & Products Hp
Hp d9l18a
Hp d9l18a Firmware
Hp j6x76a
Hp j6x76a Firmware
Hp j6x77a
Hp j6x77a Firmware
Hp j6x78a
Hp j6x78a Firmware
Hp j6x79a
Hp j6x79a Firmware
Hp j6x80a
Hp j6x80a Firmware
Hp j6x81a
Hp j6x81a Firmware
Hp k7s37a
Hp k7s37a Firmware
Hp k7s38a
Hp k7s38a Firmware
Hp m9l65a
Hp m9l65a Firmware
Hp m9l66a
Hp m9l66a Firmware
Hp m9l67a
Hp m9l67a Firmware
Hp m9l70a
Hp m9l70a Firmware
Hp t0g46a
Hp t0g46a Firmware
Hp t0g47a
Hp t0g47a Firmware
Hp t0g48a
Hp t0g48a Firmware
Hp t0g49a
Hp t0g49a Firmware
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

Wed, 11 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Hp Inc
Hp Inc hp Officejet Pro 8710 All-in-one Printer Series
Vendors & Products Hp Inc
Hp Inc hp Officejet Pro 8710 All-in-one Printer Series

Wed, 11 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 10 Feb 2026 17:45:00 +0000

Type Values Removed Values Added
Description Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.
Title Certain HP OfficeJet Pro Printers – Denial of Service
Weaknesses CWE-703
References
Metrics cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Hp D9l18a D9l18a Firmware J6x76a J6x76a Firmware J6x77a J6x77a Firmware J6x78a J6x78a Firmware J6x79a J6x79a Firmware J6x80a J6x80a Firmware J6x81a J6x81a Firmware K7s37a K7s37a Firmware K7s38a K7s38a Firmware M9l65a M9l65a Firmware M9l66a M9l66a Firmware M9l67a M9l67a Firmware M9l70a M9l70a Firmware T0g46a T0g46a Firmware T0g47a T0g47a Firmware T0g48a T0g48a Firmware T0g49a T0g49a Firmware
Hp Inc Hp Officejet Pro 8710 All-in-one Printer Series
cve-icon MITRE

Status: PUBLISHED

Assigner: hp

Published:

Updated: 2026-02-11T15:13:10.282Z

Reserved: 2026-02-05T16:51:13.581Z

Link: CVE-2026-1996

cve-icon Vulnrichment

Updated: 2026-02-11T15:13:06.936Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-10T18:16:22.387

Modified: 2026-02-24T14:37:53.690

Link: CVE-2026-1996

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T20:45:25Z

Weaknesses