Security News > 2017 > November > Remotely Exploitable Flaw Found In HP Enterprise Printers—Patch Now

Remotely Exploitable Flaw Found In HP Enterprise Printers—Patch Now
2017-11-23 00:26

Security researchers have discovered a potentially dangerous vulnerability in the firmware of various Hewlett Packard (HP) enterprise printer models that could be abused by attackers to run arbitrary code on affected printer models remotely. The vulnerability (CVE-2017-2750), rated as high in severity with 8.1 CVSS scale, is due to insufficiently validating parts of Dynamic Link Libraries (


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/Gwh-6dcYOyA/hp-printer-hacking.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-01-23 CVE-2017-2750 Improper Input Validation vulnerability in HP products
Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions.
network
low complexity
hp CWE-20
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
HP 6795 19 248 488 234 989