silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,148
Researchers have discovered several vulnerabilities affecting at least 150 multi-function (print, scan, fax) printers made by Hewlett Packard.
Since the flaws discovered by F-Secure security researchers Alexander Bolshev and Timo Hirvonen date back to at least 2013, they've likely exposed a large number of users to cyberattacks for a notable amount of time.
HP has released fixes for the vulnerabilities in the form of firmware updates for two of the most critical flaws on November 1, 2021.
These are CVE-2021-39237 and CVE-2021-39238. For a complete list of the affected products, click on the tracking numbers for the corresponding advisories.
An HP spokesperson has shared the following comment with Bleeping Computer:
HP constantly monitors the security landscape and we value work that helps identify new potential threats. We have published a security bulletin for this potential vulnerability here. The security of our customers is a top priority and we encourage them to always stay vigilant and to keep their systems up to date.
8-year-old HP printer vulnerability affects 150 printer models
Researchers have discovered several vulnerabilities affecting at least 150 multi-function (print, scan, fax) printers made by Hewlett Packard.
www.bleepingcomputer.com