HP has issued patches for four dangerous vulnerabilities affecting hundreds of its printers (opens in new tab). According to two security advisories that the company published, the vulnerabilities could lead to remote code execution, data theft, or denial of service.
The models affected by the flaws include the likes of the LaserJet Pro series, Pagewide Pro series, OfficeJet, Enterprise, Large Format, and DeskJet.
The first issue is tracked as CVE-2022-3942. It comes with an 8.4 severity score, which would rank it as “high severity”, but HP tracks it as “critical”.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
>> Click here to start the survey in a new window (opens in new tab) <<
Not all devices have patches
“Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with the use of Link-Local Multicast Name Resolution or LLMNR.” the company said in one of the advisories.
The second advisory discusses three additional flaws, two of which are described as “critical” and one as “high severity”. These could lead to remote code execution, denial of service, or information exfiltration.
Tracked as CVE-2022-24291, CVE-2022-24292, and CVE-2022-24293, these can also be addressed by updating the device firmware.
HP endpoint admins interested in updating their devices should visit HP’s official software and driver download portal, to look for the appropriate fix.
> Your printer: it's a vulnerable, connected device (opens in new tab)
> These ancient HP printer security flaws are still exposing 150 models to attack (opens in new tab)
> Mischievous hackers could use a simple trick to send printers berserk (opens in new tab)
The bad news is that HP did not prepare firmware updates for all of the affected devices, but it did offer workarounds. Most of them include disabling LLMNR (Link-Local Multicast Name Resolution) in network settings.
Those interested in disabling unused network protocols via embedded web server for LasterJet Pro should check out more details here. Those with other devices should refer to the guidelines on this link.
These are high-severity risks, which could potentially be abused with malware for remote code execution. As such, they are too risky not to be addressed, and admins should move fast to plug these holes as soon as possible.
- Check out our list of the best all-in-one printers (opens in new tab) right now
Via: BleepingComputer (opens in new tab)