54 HP Printer Models for Enterprises Remotely Vulnerable to Attackers


The affected printers run Windows CE as their OS. The vulnerability allows someone to read the contents of the FIPS-encrypted hard drive. It is exploited through a malicious software update, and these printers can even have their firmware installed via a print job sent over port 9100.

This affects a number of HP LaserJet Enterprise, HP PageWide Enterprise and HP OfficeJet Enterprise printers.

The report is at https://foxglovesecurity.com/2017/11/20/a-sheep-in-wolfs-clothing-finding-rce-in-hps-printer-fleet/ and describes how it works. HP is busy issuing a patch for this, but it is worth checking that all printers are patched, as many enterprises are slower at patching printers than desktop computers and servers.

Note that the remote code execution vulnerability described in this post was reported to HP on August 21st, 2017. HP says that a fix has been developed and has published a security bulletin https://support.hp.com/nz-en/document/c05839270.

A Sheep in Wolf’s Clothing – Finding RCE in HP’s Printer Fleet
By @breenmachine Sometimes the marketing department goes a little too far. Most of us who work in security have been there, non-technical people enthusiastic about selling the technical feat…
