UPDATED 08:00 EDT / NOVEMBER 30 2021

SECURITY

Security vulnerabilities found in more than 150 HP multifunction printers

Researchers at cybersecurity solutions firm F-Secure Corp. today revealed they have discovered a range of security vulnerabilities that affect more than 150 multifunction printers from HP Inc.

The researchers, Timo Hirvonen and Alexander Bolshev, started with testing one printer from HP to see if it was vulnerable to hacking. It was, and using those initial findings, they tested other HP devices, finding the widespread nature of the vulnerabilities.

The vulnerabilities include physical access port vulnerabilities and font parsing vulnerabilities. The most effective attack method would involve tricking a user from a targeted organization into visiting a malicious website, exposing the organization’s vulnerable printer to a cross-site printing attack. The website would automatically and remotely print a document containing a maliciously crafted font on the vulnerable printer, giving the attacker code execution rights on the device.

One of the vulnerabilities, with the designation CVE-2021-39238, is also described as wormable, meaning that an attacker could create a self-propagating network worm capable of independently spreading to other vulnerable printers on the same network.

Surprisingly, some of the vulnerabilities dated back to at least 2013. Further complicating matters, the researchers note, many organizations don’t treat printers like other types of endpoints, meaning that security teams often forget about basic security hygiene, such as installing updates.

A successful attack using one of the vulnerabilities can lead to an adversary achieving various objectives, including stealing information or using the compromised printer as a beachhead for future attacks against an organization.

The researchers did note that attacks using the vulnerabilities require some skill to accomplish. As such, many attackers will attempt to find other ways to breach organizations. That said, they note, organizations facing high-skilled, well-resourced threats groups, such as those in critical sectors, should prioritize updating and securing vulnerable printers.

Those updates are now available. Before going public with their findings, Hirvonen and Bolshev worked with HP to address the vulnerabilities. Two security advisories from HP detail the affected products and the patches available.

These sorts of printers “are incredibly common and HP is a market leader,” the researchers conclude. “Smaller organizations should not panic, but larger organizations facing well-resourced/highly-skilled threat actors, and/or organizations involved in critical sectors, should consider this a realistic attack vector. “

Image: HP

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU