These ancient HP printer security flaws are still exposing 150 models to attack
In a quest to hone their skills by analyzing a HP multifunction printer (MFP), cybersecurity researchers have encountered a couple of bugs that can be exploited to gain remote code execution rights.
According to the researchers, the vulnerabilities, tracked as CVE-2021-39237 and CVE-2021-39238, exist in the unit’s communications board and font parser. Worryingly, they date back to at least 2013, and affect a large number of printers in HP’s stable.
“There are a few things attackers could accomplish by exploiting these flaws in the way we’ve described. These vulnerabilities give attackers an effective way to steal information: defenders are unlikely to proactively examine the security of a printer, and so the attacker can simply sit back and steal whatever information it comes across (via employees printing, scanning, etc),” the researchers shared in a FAQ.
Furthermore, the researchers note that the bugs could enable the attackers to use the compromised MFP as an entry point to move through the corporate network.
Protecting printers
The researchers have used the opportunity to emphasize how organizations make themselves vulnerable to attacks by not treating printers as just another endpoint, leaving them unprotected, and oftentimes bereft of crucial updates.
Furthermore, the researchers argue that the situation isn’t helped by a lack of forensic tools that can recover evidence from MFPs and similar devices. This helps attackers exploit bugs such as the ones that they’ve discovered, while leaving little evidence of their malicious activities.
Although HP has patched the issues, the researchers have also shared ways to help organizations secure vulnerable MFPs.
For starters, organizations should keep the USB printing option disabled to limit physical use of the device. Secondly, the researchers recommend that network printers be placed in a separate, firewalled VLAN.
Instead of allowing computers in the network to communicate with the printers directly, they should instead interface with a dedicated print server, which should be the only point of communication to the printer.
Batten down the hatches with the help of these best firewall apps and services, and ensure your computers are protected with these best endpoint protection tools.
In a quest to hone their skills by analyzing a HP multifunction printer (MFP), cybersecurity researchers have encountered a couple of bugs that can be exploited to gain remote code execution rights. According to the researchers, the vulnerabilities, tracked as CVE-2021-39237 and CVE-2021-39238, exist in the unit’s communications board and…
Recent Posts
- 33 Best Deals From the Amazon Big Spring Sale (2024)
- Fitbit watches in the EU will lose third-party apps and watch faces – here’s why
- United States v. Apple is pure nerd rage
- Joni Mitchell is back on Spotify just like Neil Young — because Joe Rogan isn’t going anywhere
- Apple reportedly gives up on its MicroLED dream for now
Archives
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011