TECH

Severe vulnerability discovered in several lines of HP printers

Security firm F-Secure has discovered a critical vulnerability CVE-2021-39238 that affects more than 150 HP LaserJet, LaserJet Managed, PageWide and PageWide Managed MFPs and printers. According to available data, the manufacturer has fixed the issue with the next firmware update, which was released on November 1, 2021

The mentioned vulnerability allows a clipboard overflow in the font manager by sending a specially designed printable PDF document in order to execute code at the firmware level. This type of attack can be carried out on local devices or network printers.

After a successful attack, a compromised printer can be used to launch attacks on the local network, sniff out traffic, or set up a hidden point of presence on the victim's local network. The vulnerability could also be used by cybercriminals to create botnets or as part of a malicious campaign in conjunction with malware that scans systems for vulnerabilities.

To guard against printer attacks, experts recommend placing network devices in separate VLANs, limiting the establishment of outbound printer connections through the firewall. It is also recommended to use a separate intermediate print server rather than directly accessing the printer from users' workstations.

AVnews