{"id":6429,"date":"2018-08-06T00:33:00","date_gmt":"2018-08-05T22:33:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=6429"},"modified":"2024-10-01T15:16:59","modified_gmt":"2024-10-01T13:16:59","slug":"remote-code-execution-vulnerability-in-hp-inkjet-printers","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/08\/06\/remote-code-execution-vulnerability-in-hp-inkjet-printers\/","title":{"rendered":"Remote Code Execution vulnerability in HP inkjet printers"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"https:\/\/www.borncity.com\/blog\/?p=207355\" target=\"_blank\" rel=\"noopener\">German<\/a>]Here is a security notification for users of HP inkjet printers. HP has discovered vulnerabilities in the firmware of various printers that allow remote code execution.<\/p>\n<p><!--more--><\/p>\n<p>I have been notified by a German blog reader, but saw the information also on a German blog. There is a vulnerarbility in the firmware of certain HP inkjet printers that allow remote code execution.&nbsp; <\/p>\n<blockquote>\n<p>Since many printers are connected via WLAN, this vulnerability could easily be exploited. From fishing to falsifying documents or manipulating other network devices, anything is imageable. HP considers the discovered vulnerabilities to be extremely critical (9.8 out of 10). HP already offers firmware updates to address these vulnerabilities..<\/p>\n<\/blockquote>\n<h2>HP Security Bulletin c06097712<\/h2>\n<p>HP's Product Security Response Team (PSRT) has published a warning on August 1, 2018 and updated it on August 3, 2018 as a security advisory. Two vulnerabilities (CVE-2018-5924, CVE-2018-5925 and HP's internal PSR-2018-0072) have been detected in the firmware of certain HP inkjet printers. A malicious file sent to an affected device can cause a stack or static buffer overflow that could allow remote code execution. HP classifies the two vulnerabilities as critical (9.8 out of 10). <\/p>\n<p>HP has provided firmware updates for affected models. These can be downloaded and installed from the <a href=\"https:\/\/web.archive.org\/web\/20161121082323\/http:\/\/support.hp.com:80\/redirect\/hub\/s-002\" target=\"_blank\" rel=\"noopener\">HP Software and Drivers<\/a> website after entering the model. Instructions for upgrading the firmware can be found under <a href=\"https:\/\/web.archive.org\/web\/20201206230625\/https:\/\/support.hp.com\/us-en\/document\/c02919168\" target=\"_blank\" rel=\"noopener\">Upgrading Printer Firmware<\/a>. <\/p>\n<h2>Which printers are affected?<\/h2>\n<p>A table listing all affected printers and the new firmware version can be found in this HP document. If the printer is listed in the list of affected devices, a firmware update should be performed immediately. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Here is a security notification for users of HP inkjet printers. HP has discovered vulnerabilities in the firmware of various printers that allow remote code execution.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,580],"tags":[1147,69],"class_list":["post-6429","post","type-post","status-publish","format-standard","hentry","category-devices","category-security","tag-hp-printer","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/6429","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=6429"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/6429\/revisions"}],"predecessor-version":[{"id":35153,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/6429\/revisions\/35153"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=6429"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=6429"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=6429"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}