Security News > 2022 > March > Hundreds of HP printer models vulnerable to remote code execution

Hundreds of HP printer models vulnerable to remote code execution
2022-03-22 13:18

HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models.

The first security bulletin warns about about a buffer overflow flaw that could lead to remote code execution on the affected machine.

"Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with the use of Link-Local Multicast Name Resolution or LLMNR." reads the advisory.

HP has released firmware security updates for most of the affected products.

A second security bulletin from HP warns about two critical and one high-severity vulnerability that could be exploited for information disclosure, remote code execution, and denial of service.

While not many details have been published about these vulnerabilities, the repercussions of remote code execution and information disclosure are generally far-reaching and potentially dire.


News URL

https://www.bleepingcomputer.com/news/security/hundreds-of-hp-printer-models-vulnerable-to-remote-code-execution/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
HP 6795 19 248 488 234 989