Home → News → Hundreds of HP Printer Models Vulnerable to Remote... → Full Text

Hundreds of HP Printer Models Vulnerable to Remote Code Execution

By BleepingComputer

March 31, 2022

[article image]

HP issued security advisories for three critical-severity vulnerabilities impacting its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models.

The first bulletin reveals a buffer overflow flaw, identified by Trend Micro's Zero Day Initiative team, which could enable remote code execution on affected printers.

The company has released firmware security updates for most of the affected models, and instructions for disabling LLMNR (Link-Local Multicast Name Resolution) in network settings for models without a patch.

The second bulletin discloses two critical and one high-severity vulnerabilities, also detected by the Zero Day Initiative team, which could be exploited for information disclosure, remote code execution, and denial of service.

Those with the impacted machines were advised to apply the security updates as soon as possible, place the devices behind a network firewall, and implement remote access restriction policies.

From BleepingComputer (03/22/22) Bill Toulas
View Full Article


Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


No entries found