Security News > 2018 > August > HP plugs critical RCE flaws in InkJet printers

HP plugs critical RCE flaws in InkJet printers
2018-08-06 15:08

HP has plugged two critical vulnerabilities (CVE-2018-5924, CVE-2018-5925) affecting many of its InkJet printers and is urging users to implement the provided firmware updates as soon as possible. The vulnerabilities, discovered and reported by a still unnamed third-party researcher, can be triggered via a maliciously crafted file sent to an affected device. Such a file can cause a stack or static buffer overflow, which could allow remote code execution. The list of affected devices is … More → The post HP plugs critical RCE flaws in InkJet printers appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/IfiNq30btCg/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-08-13 CVE-2018-5924 Out-of-bounds Write vulnerability in HP products
A security vulnerability has been identified with certain HP Inkjet printers.
network
low complexity
hp CWE-787
critical
9.8
2018-08-13 CVE-2018-5925 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP products
A security vulnerability has been identified with certain HP Inkjet printers.
local
low complexity
hp CWE-119
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
HP 6795 19 248 488 234 989