Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers (MFPs) from HP Inc. that could be abused by an adversary to take control of vulnerable devices, steal sensitive information, and infiltrate enterprise networks to mount further attacks.
The two weaknesses, collectively called Printing Shellz, were discovered and reported to HP by F-Secure Labs researchers Timo Hirvonen and Alexander Bolshev on April 29, 2021, prompting the PC maker to issue patches earlier this month:

- CVE-2021-39237 (CVSS score: 7.1) – An information disclosure vulnerability impacting certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers.
- CVE-2021-39238 (CVSS score: 9.3) – A buffer overflow vulnerability impacting certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, and HP PageWide Managed products.
“The flaws are in the unit’s communications board and font parser,” Hirvonen and Bolshev said. “An attacker can exploit them to gain code execution rights, with the former requiring physical access while the latter can be accomplished remotely. A successful attack will allow an adversary to achieve various objectives, including stealing information or using the compromised machine as a beachhead for future attacks against an organization.”
CVE-2021-39238, the font-parser bug, also owes its critical severity score to the fact that the vulnerability is wormable: once one MFP is compromised, the exploit can be used to self-propagate to other MFPs on the same network.
A hypothetical attack scenario could involve embedding an exploit for the font-parsing flaw in a malicious PDF document and then social engineering the target into printing the file. Alternatively, an employee of the victim company could be lured into visiting a rogue website, which sends the exploit to the vulnerable MFP directly from the web browser in what is known as a cross-site printing attack.
“The website would, automatically, remotely print a document containing a maliciously-crafted font on the vulnerable MFP, giving the attacker code execution rights on the device,” the researchers said.
Besides enforcing network segmentation (so that workstations, and therefore their browsers, cannot reach printer ports such as TCP/9100 directly) and disabling printing from USB drives by default, it is highly recommended that companies using the affected devices install HP’s firmware updates as soon as possible. “While exploiting these issues is somewhat difficult, the public disclosure of these vulnerabilities will help threat actors know what to look for to attack vulnerable organizations,” Hirvonen and Bolshev said.
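The attack path above only works if a document carrying its own font data reaches the MFP's font parser. As an added example (not code from F-Secure, HP or the article), the script below shows one compensating control for an unpatched fleet: a print server or proxy that fronts TCP/9100 inspects each raw job and holds any that downloads a font, so the printer's parser never sees attacker-supplied font data. The PJL, PCL, PostScript and PDF markers it matches are the standard ones for font downloads; the three sample jobs and the label names in `FONT_MARKERS` are constructed for illustration.

```python
"""Inspect a raw print job for downloaded fonts before forwarding it to an MFP.

Added example, not F-Secure's, HP's or the article's code. Intended for a print
server or proxy in front of TCP/9100: jobs carrying their own font data are
held for review instead of being forwarded. All sample jobs are constructed.
"""
import re
from typing import Dict, Optional, Tuple

ESC = b"\x1b"
UEL = ESC + b"%-12345X"  # PJL Universal Exit Language, brackets a job

# Markers meaning "this job ships font data the printer's font parser will
# process". The keys are this script's own labels.
FONT_MARKERS = {
    # PCL soft-font download: ESC ) s <bytes> W = font header,
    #                          ESC ( s <bytes> W = character descriptor/glyph
    "pcl_font_header": re.compile(rb"\x1b\)s\d+W"),
    "pcl_char_data": re.compile(rb"\x1b\(s\d+W"),
    # PostScript: a font program registers itself with definefont
    "ps_definefont": re.compile(rb"\bdefinefont\b"),
    # PDF: FontFile (Type 1), FontFile2 (TrueType), FontFile3 (CFF/OpenType)
    "pdf_fontfile": re.compile(rb"/FontFile[23]?\b"),
}

PJL_LANGUAGE = re.compile(rb"@PJL\s+ENTER\s+LANGUAGE\s*=\s*(\w+)", re.IGNORECASE)


def job_language(job: bytes) -> Optional[str]:
    """Language the PJL header switches the printer into, or None if absent."""
    m = PJL_LANGUAGE.search(job)
    return m.group(1).decode("ascii", "replace").upper() if m else None


def find_fonts(job: bytes) -> Dict[str, int]:
    """Map each font marker that occurs in the job to its hit count."""
    hits: Dict[str, int] = {}
    for name, pattern in FONT_MARKERS.items():
        count = len(pattern.findall(job))
        if count:
            hits[name] = count
    return hits


def verdict(job: bytes) -> Tuple[str, Dict[str, int]]:
    """'quarantine' if the job downloads any font, otherwise 'allow'."""
    hits = find_fonts(job)
    return ("quarantine" if hits else "allow"), hits


# --- constructed sample jobs, as they would arrive on TCP/9100 ---------------

BENIGN_PCL = (
    UEL + b"@PJL\r\n@PJL ENTER LANGUAGE=PCL\r\n"
    + ESC + b"E"                       # printer reset
    + b"Quarterly report, page 1\r\n"  # text in the printer's resident font
    + ESC + b"E" + UEL
)

SOFT_FONT_PCL = (
    UEL + b"@PJL\r\n@PJL ENTER LANGUAGE=PCL\r\n"
    + ESC + b"E"
    + ESC + b"*c1D"                    # assign font ID 1
    + ESC + b")s64W" + b"\x00" * 64    # 64-byte font header (dummy bytes)
    + ESC + b"*c65E"                   # character code 'A'
    + ESC + b"(s16W" + b"\xff" * 16    # character descriptor + bitmap (dummy)
    + ESC + b"E" + UEL
)

PDF_JOB = (
    UEL + b"@PJL\r\n@PJL ENTER LANGUAGE=PDF\r\n"
    + b"%PDF-1.7\n"
    + b"5 0 obj\n<< /Type /FontDescriptor /FontName /ABCDEF+Arial"
    + b" /FontFile2 6 0 R >>\nendobj\n"
    + b"%%EOF\n" + UEL
)

if __name__ == "__main__":
    samples = (("benign PCL", BENIGN_PCL), ("PCL soft font", SOFT_FONT_PCL), ("PDF", PDF_JOB))
    for label, job in samples:
        decision, hits = verdict(job)
        print(f"{label:14} lang={job_language(job)!s:5} -> {decision} {hits}")
```

Two caveats before deploying something like this. First, it is blunt: almost every PDF and most PostScript jobs embed fonts, so quarantining them is a stop-gap for the window before firmware is updated, not a permanent policy. Second, it is a tripwire, not a guarantee: PostScript can assemble the `definefont` operator name at run time, a PDF can tuck the font descriptor into a compressed object stream, and a browser that can reach port 9100 on the MFP directly never passes through the proxy at all, which is why the segmentation recommended above matters as much as the inspection.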
Some components of this post are sourced from:
thehackernews.com