Detecting an 8-year-old security flaw, affecting 150 HP printer models
According to researchers Alexander Bolshev and Timo Hirvonen of F-Secure, these vulnerabilities have existed since 2013, so if exploited, many users would have been attacked.
HP has released patches for the security holes by updating the firmware. The two most critical security vulnerabilities were patched on November 1, 2021.
These two vulnerabilities are tracked under the codes CVE-2021-39237 and CVE-2021-39238. The first vulnerability concerns two exposed physical ports that give full access to the device. To exploit, hackers need physical access to the device and potentially steal information.
The second vulnerability causes a buffer overflow on the font parser. With a score of 9.3, this is a very serious problem. If the exploit is successful, the hacker can execute the code remotely.
CVE-2021-39238 is also a "wormable" vulnerability so an attacker could spread the exploit from one printer to the entire network.
Therefore, agencies and organizations should upgrade printer firmware immediately to avoid system-wide attacks.
There are different exploits that hackers can use:
- Print from a USB drive
- Trick someone into printing a malicious document
- Print by connecting directly to a physical LAN port
- Print from another device that the hacker is controlling in the same network segment
- Cross-Page Printing (XSP)
- Direct attack through exposed UART port
It only takes a few seconds to exploit the CVE-2021-39238 vulnerability while a skilled hacker can create a devastating attack based on the CVE-2021-39237 vulnerability in less than 5 minutes.
The good news is that F-Scure has never discovered anyone using these vulnerabilities in attacks. According to HP, the company always monitors security and appreciates the reports of security experts.
In addition to updating firmware, IT admins can do the following to reduce risk:
- Turn off printing from USB
- Put the printer in a separate VLAN behind the firewall
- Only allow outgoing connections from the printer to a specific address list
- Set up a dedicated print server for communication between the workstation and the printer
HP's notes show that even without a firmware update, if appropriate network segmentation methods are followed, the chance of damage due to the two vulnerabilities mentioned above will be significantly reduced.l
You should read it
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- Hundreds of HP printer models contain vulnerabilities that allow remote code execution attacks
- If you hack HP's printer, you will receive $ 10,000
- Detect a rare vulnerability that causes problems with the printer on Windows 10
- How to share a printer via LAN
- The best 3D printers 2019
- Inkjet (inkjet) and laser printers: Which type is right for you?
- How to fix offline errors of printers on Windows 10
- How to add a printer on Windows 11
- The printer has ink smudges - Causes and ways to fix the printer ink smudge error
- Select the location of the printer in the office
- How to fix Windows errors not connected to the printer
Maybe you are interested
Printer loses letters and letters - Fixing the error is not difficult
4 creative ways to use a scanning printer
Top 5 best printers in 2024
Fix printer errors with blurred text and blurred lines
How to share a printer via Lan network - So that 2 or more computers can print at the same time
The printer cannot display default settings and what you need to do