HP has acknowledged that several of its printer models are vulnerable to a new critical buffer overflow bug that can potentially lead to remote code execution (RCE). This latest security flaw is being tracked under CVE-2022-3942, and it was first discovered by Trend Micro’s Zero Day Initiative team.
As noted in a post by Bleeping Computer, the new security vulnerability comes with a CVSS score of 8.4 (high). HP warned in its first security advisory that this bug impacts a large number of its printer models, including LaserJet Pro, OfficeJet, PageWide Pro, Large Format, Enterprise, and DeskJet models.
“Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with the use of Link-Local Multicast Name Resolution or LLMNR,” HP explained in its security advisory.
A buffer overflow is an error that occurs when an application tries to store more data in a memory buffer than the buffer can hold. A buffer overflow bug usually causes malfunctions and system crashes. However, it can also allow attackers to gain control over affected systems.
Fortunately, HP has already released new firmware updates for most potentially vulnerable printer models. However, it advises users of HP Enterprise and HP LaserJet Pro printers to disable LLMNR (Link-Local Multicast Name Resolution) in network settings to mitigate the problem.
Moreover, HP published a separate security advisory yesterday regarding three security flaws (CVE-2022-24291, CVE-2022-24292, and CVE-2022-24293) that currently affect various printer models. The company warned that any threat actor could exploit these flaws to perform remote code execution, launch denial-of-service attacks, and access sensitive information.
Again, HP has recommended that users install the latest firmware updates as soon as possible on all affected printer models. To do so, head over to HP’s official website, select the printer model from the list, and download the latest firmware version. Currently, these security patches are only available for select printers, and the company plans to release updates for the LaserJet Pro models soon.