Security News > 2018 > August > HP plugs critical RCE flaws in InkJet printers
2018-08-06 15:08
HP has plugged two critical vulnerabilities (CVE-2018-5924, CVE-2018-5925) affecting many of its InkJet printers and is urging users to implement the provided firmware updates as soon as possible. The vulnerabilities, discovered and reported by a still unnamed third-party researcher, can be triggered via a maliciously crafted file sent to an affected device. Such a file can cause a stack or static buffer overflow, which could allow remote code execution. The list of affected devices is … More → The post HP plugs critical RCE flaws in InkJet printers appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/IfiNq30btCg/
Related news
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-13 | CVE-2018-5924 | Out-of-bounds Write vulnerability in HP products A security vulnerability has been identified with certain HP Inkjet printers. | 9.8 |
| 2018-08-13 | CVE-2018-5925 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP products A security vulnerability has been identified with certain HP Inkjet printers. | 7.8 |