[ad_1]
HP Inc. has issued firmware updates for a number of safety vulnerabilities that have an effect on greater than 150 fashions of its multifunction printer (MFP) merchandise.
These points should not notably simple to take advantage of. Nonetheless, they current a risk to enterprise organizations as a result of they offer attackers a way to steal information and acquire a foothold on a community, in accordance with F-Safe researchers who found the bugs and reported them to HP in April 2021.
The flaws are additionally harmful as a result of forensic instruments should not usually able to recovering proof from multifunction printers. An attacker who wished to keep up stealth might exploit the issues and go away little or no proof behind, F-Safe stated.
The bugs have been assigned two vulnerability identifiers: CVE-2021-39237 is a single identifier for 2 uncovered bodily ports and CVE-2021-39238
for 2 completely different font parsing flaws. HP merchandise that comprise the vulnerabilities embrace fashions of the corporate’s HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers.
In advisories saying patch availability, HP described
one of many vulnerabilities (CVE-2021-39238) as a essential buffer overflow challenge and the opposite
(CVE-2021-39237) as a high-severity data disclosure vulnerability that may very well be exploited solely by somebody with bodily entry to the system.
“Prospects involved about potential bodily assaults ought to comply with the advice within the product consumer information to make use of a Kensington-style lock to guard towards these and different potential sorts of bodily assaults on HP printers,” the corporate stated.
HP is among the largest printer makers on this planet. IDC earlier this yr estimated HP at present owns 41% of the worldwide marketplace for hard-copy peripherals, a class that features single and multifunction printers and digital copiers.
In a weblog put up on Tuesday, F-Safe stated attackers might exploit these flaws to take management of weak HP multifunction printers or steal any data that’s both run or cached on the gadgets. Information in danger contains any paperwork which might be printed, scanned, or faxed utilizing a weak system. Additionally in danger are login credentials corresponding to usernames and passwords which may join a weak system to the remainder of the enterprise community. As well as, attackers might leverage the issues to achieve an preliminary foothold on a weak community, the safety vendor warned.
F-Safe stated the issues will be exploited in a number of methods. This contains printing from USB drives, utilizing social engineering to persuade a consumer to print a malicious doc, embedding an exploit for the font-parsing flaws in a PDF, or connecting on to the bodily LAN port and printing.
The vulnerabilities exist within the font parser and communications board of affected HP printers. The font parser flaws will be exploited remotely and are wormable, which means an attacker might create malware able to replicating itself on weak printers throughout an enterprise community. Bugs within the communication board, in the meantime, will be exploited solely by somebody with bodily entry to the system.
F-Safe’s investigation discovered expert attackers might possible exploit the bugs comparatively simply. The seller discovered the vulnerabilities involving bodily ports, for example, may very well be exploited in a bit over 5 minutes, whereas the font parser flaws may very well be leveraged in seconds. Nonetheless, the vulnerabilities aren’t simple to seek out or to take advantage of for unskilled risk actors. The truth that bodily entry is required to take advantage of one set of bugs presents one other main problem for attackers. Even so, giant organizations in essential sectors and people prone to focused assaults ought to think about the bugs as life like assault vectors and shield themselves, the safety vendor stated.
For safety groups at organizations with the affected HP merchandise, that is yet one more time they’re pressured to deal with a big risk within the printer surroundings this yr.
In June and July, many organizations needed to rush to patch vulnerabilities in Microsoft’s infamously buggy Home windows Print Spooler service. One of many vulnerabilities particularly — referred to as PrintNightmare — sparked widespread concern as a result of it was remotely exploitable, current in all Home windows variations, and gave attackers a option to acquire extremely privileged entry to essential methods, together with area controllers. Nonetheless, these flaws, whereas current in a printer service, existed within the working system itself and never on the printers themselves, as is the case with the newly patched HP printer flaws.
[ad_2]