HP has issued several warnings for over 250 of its printers. In order to gain access to data, hackers should be able to inject harmful code and conduct DoS assaults. Firmware updates and configuration changes are recommended as a defensive measure.
HP printer vulnerability is related to the LLMNR protocol
The most severe vulnerability, CVE-2022-3942, is rated critical with an impact score of 8.4. Attackers may use firmware flaws to remotely execute a buffer overflow on about 250 HP printer models, Heise reports. Malicious code can then be injected and executed by attackers.
Hacking is made simpler due to a protocol called Link-Local Multicast Name Resolution (LLMNR), which serves as a bridge for attackers. It enables hosts on the same local network to resolve each other’s names into editable addresses using both IPv4 and IPv6. It’s present in all versions of Microsoft Windows since Vista, as well as its mobile counterparts Windows Phone and Windows 10 Mobile. Switching off the LLMNR protocol on the devices, according to HP, can also help prevent this vulnerability.
250 HP printer models are vulnerable to hacks
The following models are labeled as vulnerable: HP Color LaserJet, DesignJet, DeskJet, HP Digital Sender, LaserJet, OfficeJet Pro, Pagewide, and HP ScanJet Enterprise.
For a total of more than 20 models, HP discovered three additional vulnerabilities, CVE-2022-24291, CVE-2022-24292, and CVE-2022-24293. Two are rated as critical. According to HP, the only solution to these issues is upgrading to the most recent firmware. Information theft, denial of service and buffer overflow are identified as possible security risks by HP.
Hackers could gain access to the devices with phishing techniques. The attackers would then be able to read papers, scans, and faxes. Furthermore, the device’s login information might be readable, allowing them access to the rest of the network. HP, on the other hand, advised customers to install new firmware updates.