CVE-2026-4682 ‒ HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow RCE
Metrics: cve.org
Description
A stack buffer overflow vulnerability in SOAP request handling on the JobStatusEvent endpoint allows remote code execution.
Vulnerability
For Pwn2Own Ireland 2025, we used a stack buffer overflow to achieve remote code execution on the HP DeskJet 2855e.
When setting up a print job via SOAP, a user-controlled field can be set in the PrintJob data. When this data is processed by the JobStatusEvent endpoint, it may be used to trigger a stack buffer overflow that can lead to remote code execution.
The exploit also worked on similar models.
We reported this vulnerability to the Zero Day Initiative, who handled the disclosure to the vendor.
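The pattern behind this vulnerability class, shown as an added illustration that is neither HP's firmware code nor the exploit: a hypothetical SOAP field extractor that copies an element's text into a fixed-size stack buffer and refuses values that do not fit. The function names (`extract_field`, `handle_job_status`, `long_message_result`), the `JobName` element and both sample messages are constructed for this example and are not taken from the device.

```c
#include <stdio.h>
#include <string.h>

/* Result codes for the hypothetical extractor. */
enum { FIELD_OK = 0, FIELD_MISSING = -1, FIELD_TOO_LONG = -2 };

/* Copy the text between <tag> and </tag> from a SOAP body into a
 * caller-supplied buffer of out_len bytes (assumed API, not HP's). */
int extract_field(const char *xml, const char *tag, char *out, size_t out_len)
{
    char open[64], close[64];
    if (out_len == 0 || strlen(tag) + 3 >= sizeof open) return FIELD_MISSING;
    snprintf(open, sizeof open, "<%s>", tag);
    snprintf(close, sizeof close, "</%s>", tag);

    const char *start = strstr(xml, open);
    if (!start) return FIELD_MISSING;
    start += strlen(open);
    const char *end = strstr(start, close);
    if (!end) return FIELD_MISSING;

    size_t len = (size_t)(end - start);
    /* The unsafe pattern behind stack overflows of this kind is
     * memcpy(out, start, len) with no comparison against out_len, so a
     * sender-chosen len overruns the frame. Bound it before copying. */
    if (len >= out_len) return FIELD_TOO_LONG;
    memcpy(out, start, len);
    out[len] = '\0';
    return FIELD_OK;
}

/* A handler that keeps the job name in a small fixed buffer supplied by
 * its caller; returns the extract_field result code. */
int handle_job_status(const char *soap_body, char *name_out, size_t name_len)
{
    return extract_field(soap_body, "JobName", name_out, name_len);
}

/* Constructed sample message (not captured from a printer). */
static const char *SAMPLE_OK =
    "<s:Envelope><s:Body><JobStatusEvent><JobName>quarterly.pdf</JobName>"
    "<JobState>Processing</JobState></JobStatusEvent></s:Body></s:Envelope>";

/* Build a constructed message whose JobName is name_len bytes of 'A' and
 * run it through a handler with a 32-byte stack buffer. */
int long_message_result(size_t name_len)
{
    char msg[4096];
    char name[32];
    if (name_len > 2048) return FIELD_MISSING;   /* keep the sample in msg */
    int n = snprintf(msg, sizeof msg,
                     "<s:Envelope><s:Body><JobStatusEvent><JobName>");
    memset(msg + n, 'A', name_len);
    n += (int)name_len;
    snprintf(msg + n, sizeof msg - (size_t)n,
             "</JobName></JobStatusEvent></s:Body></s:Envelope>");
    return handle_job_status(msg, name, sizeof name);
}

int main(void)
{
    char name[32];
    int rc = handle_job_status(SAMPLE_OK, name, sizeof name);
    printf("normal message: rc=%d name=%s\n", rc, rc == FIELD_OK ? name : "-");
    printf("31-byte name:   rc=%d\n", long_message_result(31));
    printf("500-byte name:  rc=%d\n", long_message_result(500));
    return 0;
}
```

The length check against the destination size is the whole fix for this class; the detection side is the mirror image, a `FIELD_TOO_LONG` result on a job-status message is worth logging as a malformed request rather than silently dropped.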
Mitigations
Update to the 2612A firmware version or later, as indicated by the advisory released by HP.
Timeline
| Date | Action |
|---|---|
| 06.11.2025 | Vulnerability reported to vendor (via ZDI) |
| 15.04.2026 | Coordinated public release of ZDI advisory |
| 17.04.2026 | Release of this advisory |