Serious vulnerabilities found in HP printer models

By on
Serious vulnerabilities found in HP printer models

Follow HP's best practice for security to avoid getting print pwned.

Security researchers have discovered multiple hardware and software vulnerabilities in HP multi-function printers that could be used to steal confidential information and remotely pivot through network infrastructure.

Finnish security vendor F-Secure analysed a HP MFP M725z networked printer from 2013, which is still supported and contains firmware from that same year.

Physical access to the printer would allow an attacker "to dump and tamper with all data that is stored on the system and user partitions of the device," the researchers wrote [pdf].

This could lead to leakage of confidential information and the installation of permanent  rootkits on the devices.

Examining the firmware yielded further exploitation vectors for the researchers, including running a SOCKS proxy on a printer, allowing an attacker to move laterally through network infrastructure.

That remote code execution vulnerability in the font parsing system could be exploited through a malicious website, or a specially crafted document sent to the printer.

F-Secure estimates that around 150 HP multi-function printer models are vulnerable to the exploits found by the security firm.

The security vendor recommends that multi-function printer users follow HP's security practice advisories to mitigate against the vulnerabilities, including isolating printers on separate virtual local area networks and leaving printing via USB at its default disabled state.

Physical attacks can be detected with anti-tamper stickers on the printers which, if damaged, would reveal unauthorised access to the devices.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?