HP printers: Critical vulnerability (Sept. 2022)

Sicherheit (Pexels, allgemeine Nutzung)[German]HP has published a warning about a buffer overflow vulnerability in the firmware of various printer models (Inkjet, Laserjet Pro and HP PageWide Pro printers) on September 21, 2022. One vulnerability even potentially allows remote code execution (RCE). Firmware updates for the affected printer models are now available.


Vulnerability in HP printers

There are two serious vulnerabilities in various HP printers, as HP discloses in security advisory ish_6839789-6839813-16 dated September 21, 2022. Certain HP printing products are potentially vulnerable to a buffer overflow and/or remote code execution. It affects the following vulnerabilities:

HP is not disclosing details about the two vulnerabilities. HP has since released firmware updates to address the vulnerabilities for the affected devices. To get the updated firmware, go to HP's software and driver downloads page. Then, the firmware update can be searched for by entering the printer model. According to HP, various inkjet printers (HP DeskJet), Laserjet Pro printers and HP PageWide Pro printers are affected. Details can be found in the security notice (the page takes quite a long time to load).

Cookies helps to fund this blog: Cookie settings

This entry was posted in devices, Security and tagged , . Bookmark the permalink.

One Response to HP printers: Critical vulnerability (Sept. 2022)

  1. Glenn Pearl says:

    Be aware: Product Numbers on the Advisory page are inaccurate. Recommend searching HP's download site by Product Number to get correct firmware for your model.

Leave a Reply

Your email address will not be published. Required fields are marked *