Hundreds of HP printer models contain vulnerabilities that allow remote code execution attacks
HP has issued security warnings for three critical vulnerabilities affecting hundreds of LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models.
The first warning is about a buffer overflow vulnerability that could lead to remote code execution on affected machines. This vulnerability is tracked under code CVE-2022-3942 and reported by Trend Micro's Zero Day Initiative team. HP assesses this vulnerability at a serious level, although according to the CVSS scale it only reaches 8.4 points, corresponding to a high level of danger.
HP has now released firmware security updates for most of the affected products. For unpatched models, HP provides mitigation instructions that primarily revolve around disabling LLMNR in network settings.
The next holes
HP's second warning talks about two particularly critical vulnerabilities and one critical vulnerability that can be exploited for information disclosure, remote code execution, and denial of service.
These three vulnerabilities are tracked under the codes CVE-2022-24291 (high severity: 7.5 points), CVE-2022-24292 (special severity: 9.8 points), and CVE-2022- 24293 (severe severity: 9.8 points). These vulnerabilities were also discovered by the Zero Day Initiative team.
In this case, the advice given is to update your printer's firmware to the specified version. However, not all printer models are provided with patch updates.
Currently, there is no fix for LaserJet Pro models. HP only marked these models as pending, so an update may be rolling out in the future.
You should read it
- If you hack HP's printer, you will receive $ 10,000
- Detect a rare vulnerability that causes problems with the printer on Windows 10
- How to share a printer via LAN
- Discovered a new zero-day vulnerability on macOS that allows attackers to run commands remotely
- The best 3D printers 2019
- Immediately patch CWP vulnerability that allows code execution as root on Linux servers
- VMware patches RCE Spring4Shell vulnerability on a wide range of products
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterprises
May be interested
- Four Windows vulnerabilities can be exploited in the perfect attack chainthe vulnerabilities include: 2 remote code execution errors, 1 privilege escalation error and 1 secure boot security feature bypass error. under ideal conditions, hackers can combine 4 vulnerabilities to form a perfect attack chain.
- Dell computers became victims of RCE attacks by vulnerabilities in SupportAssistdell recently quietly released a new security update to patch the supportassist client software vulnerability, potentially allowing attackers to not authenticate on the same network access layer using executable malware from away from arbitrary privileges on the victim's computer.
- Detecting an 8-year-old security flaw, affecting 150 HP printer modelsresearchers have discovered several security vulnerabilities affecting at least 150 models of hp multifunction printers (print, scan, fax).
- If you hack HP's printer, you will receive $ 10,000hp is offering a printer-specific vulnerability program, whereby any researcher who discovers vulnerabilities that allow hackers to take control of the company's printer will be rewarded with $ 10,000.
- Microsoft warns of Windows BlueKeep attacksbluekeep is an unauthenticated remote code execution flaw that affects most commonly used microsoft products.
- Microsoft Outlook RCE Vulnerability Can Sell For $400,000if you discover a remote arbitrary code execution vulnerability affecting microsoft outlook, you can sell it for up to $ 400,000.
- Summary of popular network attacks todayfor attacks by exploiting vulnerabilities, hackers must be aware of security issues on the operating system or software and take advantage of this knowledge to exploit vulnerabilities.
- If you are using Firefox, update it immediately to fix securityfirefox is one of the best browsers available today, but it also has security flaws and you should update it immediately if you don't want to be attacked.
- W32.Downadup.B outbreaks during the holiday seasonsymantec recommends that users should update the patches immediately to handle the vulnerabilities in remote code execution for microsoft windows server service rpc.
- Google found 7 security bugs on the famous network software Dnsmasqsecurity researchers have found seven security holes on the dnsmasq network service software, three of which allow remote code execution and hijack computers.