Security Vulnerability in HP Printer Drivers 

March 4, 2025 Bernd Hausmann
Off
Security

Companies using HP Universal Print Drivers for PCL 6 and PostScript in any version prior to 7.3.0.25919 should take immediate action

Printers are not just simple output devices – they are often an integral part of corporate networks. That’s why vigilance is essential whenever a security gap is discovered in printer systems. HP has announced the discovery of a critical security vulnerability in its Universal Print Drivers. This weakness enables attackers to execute malicious code through specially crafted print jobs. As a result, attackers may potentially gain additional access rights within the corporate network. 

Which Drivers and Printers Are Affected?

The security issues affect HP Universal Print Drivers for PCL 6 and PostScript in all versions prior to 7.3.0.25919. This does not just concern specific printer models but all HP printers running these drivers. The identified vulnerabilities have been classified with high to critical security ratings.

Which Security Gaps Are Known?

HP has found four specific CVEs (Common Vulnerabilities and Exposures) relevant in this context: 

  • CVE-2017-12652 
  • CVE-2022-2068 
  • CVE-2023-45853 
  • CVE-2020-1415 

These vulnerabilities could allow attackers to run malicious software on the printer and potentially gain unauthorized access to corporate resources.

Immediate Security Measures

Organizations should take the following steps as soon as possible to minimize the risk of attacks: 

  1. Update the Drivers: The security gaps have been addressed in HP Universal Print Driver version 7.3.0.25919. This version is available for download on HP’s support pages. 
  1. Remove Old Drivers: After installing the updated version, ensure that printers use only the updated drivers. Outdated drivers should be removed from the system to prevent accidental continued use. 
  1. Review Network Security: Companies should regularly review their network security regarding printers. A zero-trust approach for printers, as well as secure cloud-printing solutions like ezeep, can help reduce the potential attack surface. 
  1. Encrypt Print Data: If not already in place, businesses should encrypt print jobs. This precaution prevents attackers from introducing manipulated print data.

Conclusion: Act Now to Avoid Security Risks

This security vulnerability highlights that printers can often be underestimated as a weak point in a company’s IT security strategy. By promptly updating the affected drivers and implementing secure print management solutions, organizations can protect their networks from unauthorized access. 

For more information, and to download the updated drivers, please visit the HP support pages

Bernd Hausmann Avatar
Bernd Hausmann
Business Development Director, Printer Manufacturers, ThinPrint GmbH

Recent Posts

Stay Up To Date!

ThinPrint, an expert in enterprise printing solutions for 20 years, always has the right technology on hand for secure, high-performance printing that seamlessly combines with a perfect user experience. Get the latest articles and news from ThinPrint to your inbox. 

SUBSCRIBE TO NEWSLETTER