Your HP printer could be facing the risk of a serious cyberattack


HP has issued patches for four dangerous vulnerabilities affecting hundreds of its printers. According to two security advisories that the company published, the vulnerabilities could lead to remote code execution, data theft, or denial of service.

The models affected by the flaws include the likes of the LaserJet Pro series, PageWide Pro series, OfficeJet, Enterprise, Large Format, and DeskJet.

The first issue is tracked as CVE-2022-3942. It comes with an 8.4 severity score, which would rank it as “high severity”, but HP tracks it as “critical”.


Not all devices have patches

“Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with the use of Link-Local Multicast Name Resolution or LLMNR,” the company said in one of the advisories.

The second advisory discusses three additional flaws, two of which are described as “critical” and one as “high severity”. These could lead to remote code execution, denial of service, or information exfiltration.

Tracked as CVE-2022-24291, CVE-2022-24292, and CVE-2022-24293, these can also be addressed by updating the device firmware. 

HP endpoint admins interested in updating their devices should visit HP’s official software and driver download portal to look for the appropriate fix.

The bad news is that HP did not prepare firmware updates for all of the affected devices, but it did offer workarounds. Most of them include disabling LLMNR (Link-Local Multicast Name Resolution) in network settings. 

Those interested in disabling unused network protocols via the embedded web server for LaserJet Pro should check out more details here. Those with other devices should refer to the guidelines on this link.
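Once LLMNR has been switched off on a printer, an admin can confirm the workaround took effect by checking that the device no longer answers LLMNR queries for its own name. The following is an added example, not code from HP or from this article; the hostnames and addresses are constructed placeholders, and it assumes the auditing host sits on the same network segment as the printers and that a printer with LLMNR enabled answers queries for its own hostname.

```python
import secrets
import socket
import struct

LLMNR_GROUP, LLMNR_PORT = "224.0.0.252", 5355  # IPv4 group and port, RFC 4795

def build_query(name, txid):
    """Encode an LLMNR A query; the wire format is the same as a DNS query."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # flags=0, QDCOUNT=1
    labels = name.encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def is_answer(packet, txid):
    """True if packet is a response (QR bit set) to txid with at least one answer."""
    if len(packet) < 12:
        return False
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    return rid == txid and bool(flags & 0x8000) and ancount > 0

def llmnr_responders(name, timeout=2.0):
    """Multicast one query for name; return the source IPs that answered it."""
    txid = secrets.randbits(16)
    responders = set()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 1)  # stay on-link
        sock.settimeout(timeout)
        sock.sendto(build_query(name, txid), (LLMNR_GROUP, LLMNR_PORT))
        try:
            while True:
                data, (ip, _port) = sock.recvfrom(512)
                if is_answer(data, txid):
                    responders.add(ip)
        except socket.timeout:
            pass  # quiet period elapsed, stop listening
    return responders

def audit(printers, probe=llmnr_responders):
    """printers maps hostname -> IP; return hostnames whose own IP still answers."""
    return [host for host, ip in printers.items() if ip in probe(host)]

if __name__ == "__main__":
    # Constructed inventory: replace with real printer hostnames and addresses.
    inventory = {"printer01": "192.0.2.10", "printer02": "192.0.2.11"}
    for host in audit(inventory):
        print(f"{host}: still answering LLMNR, workaround not applied")
```

An empty result only shows that no answer arrived from the listed addresses within the timeout, so a host firewall or VLAN boundary between the auditing machine and the printers can hide a device that still has LLMNR enabled.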

These are high-severity risks, which could potentially be abused with malware for remote code execution. As such, they are too risky not to be addressed, and admins should move fast to plug these holes as soon as possible.

Via: BleepingComputer

Sead Fadilpašić
