Critical HP Printer Security Warning 150 Models Exposed To Hack Attack

Security researchers working at F-Secure Labs have disclosed details of two vulnerabilities, collectively named as 'Printer Shellz', impacting at least 150 models of HP multi-function printers. This time it's not a Windows problem for a change; that printer spooler PrintNightmare vulnerability has been patched now. The two 'happy hackers' involved, Timo Hirvonen and Alexander Bolshev approached the research project from a red team perspective rather than just being a product security assessment. This meant they were looking for a vulnerability that they could exploit to attack their target: an HP MFP M725z multi-function printer. What they found were two vulnerabilities, one of which was given a critical 9.8 CVSS 3 rating by the National Vulnerability Database. Furthermore, both vulnerabilities were found to have a reach far beyond that single original target, potentially affecting many HP LaserJet and PageWide models as well. The more serious of the two vulnerabilities could enable a remote attacker to execute code following a buffer overflow exploit. The researchers highlighted several exploit examples, including tricking the target organization into visiting a malicious website. This could expose them to a cross-site printing attack. For example, a document containing a maliciously-crafted font would get printed and open the door to remote code execution for the attacker. The less serious vulnerability required local access to the target printer and was only given a medium 4.8 rating. You may well think that printers are something of a 'meh' attack vector, but that would be foolhardy, as this latest research demonstrates. Not only could an attacker potentially steal information or distribute misinformation but, according to the researchers, allow them to pivot into an attack on the network itself. Furthermore, this threat is made all the more severe as the critical vulnerability is 'wormable', which means an exploit could be created to self-propagate and spread, independently, to other devices on the network. Jake Moore, a cybersecurity specialist at ESET and regular Straight Talking Cyber guest, says that while "updating may seem laborious, any device connected to the internet will need updating as soon as an update is released to keep it secure. Printers make for easy targets due to their long lifespan, which may become outdated and insecure. Clever tricks can be used to use printers to gain entry into the wider network and cause havoc from within. It is always worth remembering that all connected devices are potential back doors into a network whether it be the home or in the office."It's not all bad news, though: the attack methodology is not for the unskilled hacker, and the vulnerabilities have now been addressed in firmware updates from HP. An HP spokesperson told me that "HP constantly monitors the security landscape, and we value work that helps identify new potential threats.

#hp #newsdonaldtrump #newstodayupdate #cnnnewstoday #newstodayoncnn #newsworld #