Security News > 2022 > March > Hundreds of HP printer models vulnerable to remote code execution
HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models.
The first security bulletin warns about about a buffer overflow flaw that could lead to remote code execution on the affected machine.
"Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with the use of Link-Local Multicast Name Resolution or LLMNR." reads the advisory.
HP has released firmware security updates for most of the affected products.
A second security bulletin from HP warns about two critical and one high-severity vulnerability that could be exploited for information disclosure, remote code execution, and denial of service.
While not many details have been published about these vulnerabilities, the repercussions of remote code execution and information disclosure are generally far-reaching and potentially dire.
News URL
Related news
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Rsync vulnerabilities allow remote code execution on servers, patch quickly! (source)
- Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)