HP printers vulnerable to remote code execution

By on
HP printers vulnerable to remote code execution

Security bulletins from HP Inc. warn that hundreds of its print and digital sending products could be vulnerable to remote code execution and buffer overflow.

The buffer overflow flaw could affect LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format and DeskJet printer models. The bulletin listed the severity of the bug as critical and released updates that should solve the issue.

The tech giant has released firmware updates for the affected products and for models without a patch, HP provides mitigation instructions that involve disabling Link-Local Multicast Name Resolution (LLMNR) in network settings.

A second bulletin warns about two more critical and one high-severity vulnerability that could be exploited for information disclosure, remote code execution and denial of service. Considering severity levels, it’s recommended to follow and apply the security updates as soon as possible, impose remote access restriction, and put the devices behind a network firewall.

Support for the issues can be found here.

This article originally appeared at crn.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2018 The Channel Company, LLC. All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?