Your one-stop web resource providing safety and security information to manufacturers

Some printers manufactured by Hewlett-Packard, including 10 of its LaserJet Professional printers, have a security vulnerability that could allow an attacker to remotely access data, according to the Computer Emergency Response Team (CERT).

The problem stems from a telnet debug shell glitch that can allow an unauthenticated user to connect to the printer and in turn, glean data, according to CERT. HP’s Software Security Response Team wrote about the problem in a security bulletin last week.

Networked Printers Open to Attack
Fix for VoIP Phone Vulnerabilities
Secure Communication Technology
Converting Natural Gas to Chemicals

HP’s following LaserJet Pro printers are vulnerable: P1102w, P1606dn, M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, M1218nfs, M1219nf and CP1025nw, according to the bulletin.

German security researcher Christop von Wittich with Hentschke Bau GmbH discovered the flaw.

Schneider Bold

HP is advising affected customers to download updated firmware for printers impacted by the bug from the company’s Support Center site. The company is also encouraging those still concerned with the vulnerability to email for further guidance.

Printers have had a handful of security vulnerabilities of late, along with other Internet-enabled devices over the last few years.

Pin It on Pinterest

Share This