A critical vulnerability has recently been discovered in certain LaserJet MFP (Multifunction Printer) products. The company has promptly provided a patch to address the issue.
The HP printer vulnerability affected multiple models, potentially leading to buffer overflow and remote code execution. With a severity score of 9.8, the HP LaserJet MFP vulnerability was deemed highly critical.
Details about the HP printer vulnerability
CVE-2023-1329 in HP Enterprise LaserJet MFP products was offered a patch on June 12. The company support page addressing the HP printer vulnerability urged users to update the printer firmware to prevent cyber attacks.
Hackers gain access to corporate systems on unpatched devices through buffer overflow exploits caused by a coding error in the software.
Moreover, the HP printer vulnerability CVE-2023-1329 can be exploited for remote code execution and making changes remotely.
“The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products,” the HP support page added.
HP Workpath aligns documents with the multifunctional printers and allows sharing of scanned files to the office MFP among other services.
HP released updated firmware to address the HP printer vulnerability in affected products. The updated firmware can be found here – https://support.hp.com/us-en/drivers
Affected products offered patches against the HP printer vulnerability
Over 50 products were found to be vulnerable due to the flaw in HP software. These are some of the affected products that were mentioned on the HP support page –
- HP Color LaserJet Enterprise MFP M577
- HP Color LaserJet Managed MFP E67650/60
- HP Color LaserJet Managed MFP E87640du-E87660du
- HP LaserJet Enterprise MFP M527
- HP LaserJet Enterprise MFP M528
- HP PageWide Enterprise Color MFP 586
- HP PageWide Color MFP 774
- HP Digital Sender Flow 8500 fn2 Document Capture Workstation
- HP ScanJet Enterprise Flow N9120 fn2 Document Scanner
- HP Color LaserJet Enterprise Flow MFP 5800 series
Third-party vendors using HP printers were also asked to update the patches for the HP printer vulnerability.
“Third-party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer’s patch management policy,” the HP support page read.
HP released several other patches that were noted on its support page. Some of its other vulnerabilities that were patched in the recent past were the critical vulnerability CVE-2023-1707 and CVE-2022-43779. While the former had a severity score of 9.1, the latter had a base score of 7.8 assigned to it.
HP LaserJet MFP vulnerability: Impact of exploiting a remote code execution flaw
Remote code execution flaws such as the HP MFP vulnerability can allow hackers to add, read, delete, and modify system data. It can help change services and have them change their own access to the system.
To prevent cyber attacks, users must update the software to its latest version. Organizations must limit access to servers to those who have the privileges to access specific systems and sensitive data.
Monitoring tools that detect unauthorized access and suspicious activities can offer alerts before further damage has been made.
Using updated firewalls, antivirus and other security tools is a must to detect and prevent various types of malware. After gaining access to a system, the hacker may keep the access to steal system data for a prolonged period of time.
They may increase their privilege and move laterally across the network without anyone knowing. Hence, it is important to have round-the-clock monitoring of systems, not just for unauthorized access but also for bug hunting.