HP Detects Critical Vulnerabilities in their Printers: Are You Protected?
Cibersecurity also includes peripheral devices such as printers. HP has recently identified three vulnerabilities in its printers that could put users and businesses at risk.
These failures, classified as critical, high and medium severity, can be exploited by cybercriminals to remotely execute code or scale privileges to obtain administrator permissions.
How do these vulnerabilities affect?
The vulnerabilities detected are related to PostScript file processing, a page description language used in the print system. According to HP:
- The critical severity vulnerability allows remote code execution on affected devices, meaning that an attacker could take control of the printer without requiring physical access.
- The high severity vulnerability allows for privilege escalation, granting the attacker administrator permissions and thus complete control of the print system.
- Although the risks of medium severity vulnerability have not been detailed, it still poses a threat to user safety.
How can we protect ourselves?
In the face of such threats, HP urges users to update their printers’ firmware as soon as possible. Software updates are essential to close security gaps and prevent cybercriminals from exploiting these vulnerabilities.
In addition, it’s recommended:
- Maintain a policy of periodic updates for all devices connected to the network.
- Configure printers with appropriate security protocols.
- Avoid printing from unknown sources that may contain malicious files.
To understand the risks that printer security breaches can cause, we’ve provided you with a real-life case where a company received threats through their printer due to an intrusion attack at the following link.
If you want to know more details, you can consult the corresponding notice in this link.
For more notices follow the Incibe website.
