In two security advisories, HP has alerted users to the existence of security vulnerabilities in several of its printer models.
In total, four vulnerabilities were patched. Three of them are rated critical, and all of them can lead to remote code execution (RCE) when exploited.
Link-Local Multicast Name Resolution
CVE-2022-3942 is a vulnerability rated with a CVSS score of 8.4 out of 10. As HP puts it: “Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution.”
Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link. Its main function is to resolve host names to facilitate communication between hosts on local networks.
HP Print devices
The second security advisory states that certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. This is a set of three vulnerabilities, of which two have been rated as critical and one rated “high”.
- CVE-2022-24291 (CVSS 7.5 out of 10)
- CVE-2022-24292 (CVSS 9.8 out of 10)
- CVE-2022-24293 (CVSS 9.8 out of 10)
Which models are affected?
The list of printer models affected by the first vulnerability is almost endless. Users of every model of HP Color LaserJet, HP LaserJet, HP PageWide, HP Scanjet Enterprise, HP DeskJet, HP OfficeJet, HP DesignJet, and the HP Digital Sender Flow 8500 fn2 Document Capture Workstation are encouraged to check for updated firmware.
The models affected by the second set of vulnerabilities are:
- HP Color LaserJet Pro M453 – M454, MFP M2XX, MFP M478, M479
- HP LaserJet Pro M304, M305, M404, M405, MFP M428, M429, MFP M428, M429 F
- HP PageWide 352dw Printer, 377dw Multifunction Printer
- HP PageWide Managed P55250dw Printer series, P57750dw Multifunction Printer
- HP PageWide Pro 452dn Printer series, 452dw Printer series, 477dn Multifunction Printer series, 477dw Multifunction Printer series, 552dw Printer series, 577 Multifunction Printer series
- HP OfficeJet Pro 8210 Printer series, 8216 Printer series, 8730 All-in-One Printer, 8740 All-in-One Printer series
How to update your printer
Patches are available for these vulnerabilities, so users can visit HP’s official software and driver download portal, navigate to their device model, and install the latest available firmware version.
An exception exists for the HP Color LaserJet Pro MFP M2xx models, where remediation is pending. Users of this type of all-in-one printer will have to check later whether a patch has been made available.
Stay safe, everyone!
The post Update now! Many HP printers affected by three critical security vulnerabilities appeared first on Malwarebytes Labs.