• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
critical wormable security flaw found in several hp printer models

Critical Wormable Security Flaw Found in Several HP Printer Models

You are here: Home / General Cyber Security News / Critical Wormable Security Flaw Found in Several HP Printer Models
November 30, 2021

Cybersecurity scientists on Tuesday disclosed a number of security flaws affecting 150 different multifunction printers (MFPs) from HP Inc that could be possibly abused by an adversary to choose manage of susceptible units, pilfer delicate info, and infiltrate company networks to mount other attacks.

The two weaknesses — collectively known as Printing Shellz — were uncovered and noted to HP by F-Protected Labs scientists Timo Hirvonen and Alexander Bolshev on April 29, 2021, prompting the Computer system maker to issue patches previously this month —

Automatic GitHub Backups

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


  • CVE-2021-39237 (CVSS rating: 7.1) – An details disclosure vulnerability impacting selected HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers.
  • CVE-2021-39238 (CVSS rating: 9.3) – A buffer overflow vulnerability impacting certain HP Company LaserJet, HP LaserJet Managed, HP Enterprise PageWide, and HP PageWide Managed merchandise.

“The flaws are in the unit’s communications board and font parser,” Hirvonen and Bolshev said. “An attacker can exploit them to achieve code execution rights, with the previous necessitating physical entry though the latter can be completed remotely. A thriving attack will allow for an adversary to achieve various objectives, together with thieving data or utilizing the compromised machine as a beachhead for potential attacks versus an organization.”

CVE-2021-39238’s critical severity score also stems from that the vulnerability is wormable, this means it could be exploited to self-propagate to other MFPs on the compromised network.

Prevent Data Breaches

A hypothetical attack state of affairs could contain embedding an exploit for the font-parsing flaws in a malicious PDF doc and then social engineering the target into printing the file. Alternatively, an personnel from the victim corporation could be lured into viewing a rogue web page, in the method sending the exploit to the vulnerable MFP specifically from the web browser in what is actually regarded as a cross-web page printing attack.

“The website would, immediately, remotely print a document that contains a maliciously-crafted font on the susceptible MFP, providing the attacker code execution legal rights on the unit,” the researchers stated.

Moreover imposing network segmentation and disabling printing from USB drives by default, it’s extremely recommended for companies utilizing the afflicted devices to install the patches as before long as they become offered. “While exploiting these issues is rather difficult, the public disclosure of these vulnerabilities will assistance risk actors know what to seem for to attack susceptible organizations,” Hirvonen and Bolshev claimed.

Uncovered this report appealing? Comply with THN on Facebook, Twitter  and LinkedIn to read extra exclusive material we submit.


Some components of this post are sourced from:
thehackernews.com

Previous Post: «more than 90% of it decision makers reuse passwords More than 90% of IT decision makers reuse passwords
Next Post: Yanluowang Ransomware Tied to Thieflock Threat Actor yanluowang ransomware tied to thieflock threat actor»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability
  • Threat Detection Software: A Deep Dive
  • Conti Leaks Reveal Ransomware Gang’s Interest in Firmware-based Attacks
  • Cybercriminals Expand Attack Radius and Ransomware Pain Points
  • The Challenge Digital Executive Protection Poses to Enterprise Security Teams
  • The Challenge Digital Executive Protection Poses to Enterprise Security Teams
  • Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
  • Scammers Target NFT Discord Channel
  • ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
  • International Authorities Take Down Flubot Malware Network

Copyright © TheCyberSecurity.News, All Rights Reserved.