Security News > 2018 > August > HP plugs critical RCE flaws in InkJet printers
2018-08-06 15:08
HP has plugged two critical vulnerabilities (CVE-2018-5924, CVE-2018-5925) affecting many of its InkJet printers and is urging users to implement the provided firmware updates as soon as possible. The vulnerabilities, discovered and reported by a still unnamed third-party researcher, can be triggered via a maliciously crafted file sent to an affected device. Such a file can cause a stack or static buffer overflow, which could allow remote code execution. The list of affected devices is … More → The post HP plugs critical RCE flaws in InkJet printers appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/IfiNq30btCg/
Related news
- Fortinet warns of critical RCE bug in endpoint management software (source)
- Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool (source)
- Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
- HPE Aruba Networking fixes four critical RCE flaws in ArubaOS (source)
- Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-13 | CVE-2018-5924 | Out-of-bounds Write vulnerability in HP products A security vulnerability has been identified with certain HP Inkjet printers. | 7.5 |
| 2018-08-13 | CVE-2018-5925 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP products A security vulnerability has been identified with certain HP Inkjet printers. | 9.3 |