{"id":37057,"date":"2025-02-06T02:12:51","date_gmt":"2025-02-06T01:12:51","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=37057"},"modified":"2025-02-06T02:12:56","modified_gmt":"2025-02-06T01:12:56","slug":"hp-universal-print-driver-series-pcl-6-vulnerabilities","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2025\/02\/06\/hp-universal-print-driver-series-pcl-6-vulnerabilities\/","title":{"rendered":"HP Universal Print Driver Series (PCL 6) vulnerabilities"},"content":{"rendered":"<p><img decoding=\"async\" style=\"margin: 0px 10px 0px 0px; display: inline; float: left;\" title=\"Windows\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Windows-klein.jpg\" alt=\"Windows\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2025\/02\/06\/hp-universal-print-driver-series-pcl-6-potentielle-schwachstelle\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]There are vulnerabilities in older HP Universal Print printer drivers (PCL 6 and PostScript) for Windows. The background to this is that these printer drivers use the libjpeg, libpng, OpenSSL and zlib libraries and may have (older) vulnerabilities. HP has issued a security advisory and driver update on January 29, 2025.<\/p>\n<p><!--more--><\/p>\n<p>A blog reader contacted me and asked if I knew anything about a vulnerability in the \"HP Universal Print Driver PCL6\". He referred to a security report from HP from the end of January 2025 and said that he was still looking into the risks of using an older driver version and the problems that can occur when updating.<\/p>\n<h2>The HP security advisory<\/h2>\n<p>Printer manufacturer HP has published the security warning <a href=\"https:\/\/support.hp.com\/us-en\/document\/ish_11892982-11893015-16\/hpsbpi03995\" target=\"_blank\" rel=\"noopener\">HP Universal Print Driver Series (PCL 6 and PostScript) &#8211; Potential Security Vulnerabilities<\/a> on 29.01.2025. The Universal Print Driver can be used under Windows to control various HP printers. In the HP Universal Print Driver Series (PCL 6 and PostScript) potential vulnerabilities in various libraries have been identified.<\/p>\n<ul>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12652\" target=\"_blank\" rel=\"noopener\">CVE-2017-12652<\/a> (CVSS 3-Score 9.8, Critical) in libpng, Arbitrary Code Execution<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-2068\" target=\"_blank\" rel=\"noopener\">CVE-2022-2068<\/a> (CVSS 3-Score 9.8, Critical) in OpenSSL, Arbitrary Code Execution<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-45853\" target=\"_blank\" rel=\"noopener\">CVE-2023-45853<\/a> (CVSS 3-Score 9.8, Critical) in zlib, Information Disclosure<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-14152\" target=\"_blank\" rel=\"noopener\">CVE-2020-14152<\/a> (CVSS 3-Score7.1, High) in libjpeg, Denial of Service<\/li>\n<\/ul>\n<p>According to the CVE scores, these vulnerabilities are quite old and date back to 2017. All HP Universal Printing Driver Series drivers (PCL 6 and PostScript) prior to 7.3.0.25919 are affected. HP has released an updated HP Universal Printing Driver Series driver version 7.3.0.25919 to close the vulnerabilities.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]There are vulnerabilities in older HP Universal Print printer drivers (PCL 6 and PostScript) for Windows. The background to this is that these printer drivers use the libjpeg, libpng, OpenSSL and zlib libraries and may have (older) vulnerabilities. HP has &hellip; <a href=\"https:\/\/borncity.com\/win\/2025\/02\/06\/hp-universal-print-driver-series-pcl-6-vulnerabilities\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,26,580,1547,22,2],"tags":[536,415,69,194],"class_list":["post-37057","post","type-post","status-publish","format-standard","hentry","category-devices","category-ios","category-security","category-software","category-update","category-windows","tag-driver","tag-printer","tag-security","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37057","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=37057"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37057\/revisions"}],"predecessor-version":[{"id":37058,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37057\/revisions\/37058"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=37057"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=37057"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=37057"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}