HP Warns Printers Vulnerable To Remote Code Execution
Three separate bulletins warn of serious security flaws that should be addressed as soon as possible.
Security bulletins from HP Inc. warn that hundreds of its print and digital sending products could be vulnerable to remote code execution and buffer overflow.
The buffer overflow flaw could affect LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format and DeskJet printer models. The bulletin listed the severity of the bug as critical and released updates that should solve the issue.
The Palo Alto, Calif.-based tech giant has released firmware updates for the affected products and for models without a patch, HP provides mitigation instructions that involve disabling Link-Local Multicast Name Resolution (LLMNR) in network settings.
A second bulletin warns about two more critical and one high-severity vulnerability that could be exploited for information disclosure, remote code execution and denial of service. Considering severity levels, it’s recommended to follow and apply the security updates as soon as possible, impose remote access restriction, and put the devices behind a network firewall.
Support for the issues can be found here.