Remotely Exploitable Flaw Found In HP Enterprise Printers—Patch Now

Haythem Elmir

Security researchers have discovered a potentially dangerous vulnerability in the firmware of various Hewlett Packard (HP) enterprise printer models that could be abused by attackers to run arbitrary code on affected printer models remotely.

The vulnerability (CVE-2017-2750), rated high in severity with a CVSS score of 8.1, stems from insufficient validation of parts of Dynamic Link Libraries (DLLs), which allows for the potential remote execution of arbitrary code on the 54 affected printer models.

The security flaw affects 54 printer models across the HP LaserJet Enterprise, LaserJet Managed, PageWide Enterprise and OfficeJet Enterprise lines.

This remote code execution (RCE) vulnerability was discovered by researchers at FoxGlove Security when they were analyzing the security of HP’s MFP-586 printer (currently sold for $2,000) and HP LaserJet Enterprise M553 printers (sold for $500).

According to a technical write-up posted by FoxGlove on Monday, researchers were able to execute code on affected printers by reverse engineering files with the ".BDL" extension used in both HP Solutions and firmware updates.

"This (.BDL) is a proprietary binary format with no publicly available documentation," researchers said. "We decided that reverse engineering this file format would be beneficial, as it would allow us to gain insight into exactly what firmware updates and software solutions are composed of."

Because HP has implemented a signature validation mechanism to prevent tampering with the system, the researchers were unable to upload malicious firmware to the affected printer.
However, after some testing, the researchers said that "it may be possible to manipulate the numbers read into int32_2 and int32_3 in such a way that the portion of the DLL file having its signature verified could be separated from the actual executable code that would run on the printer."
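
The gap described above is between the bytes a signature check covers and the bytes that are later loaded. The sketch below is an added example, not code from FoxGlove or HP: it assumes a made-up container layout (offset, length, MAC) rather than the BDL format, uses HMAC-SHA256 in place of a real signature, and puts a check that trusts file-supplied bounds next to one that requires the verified range to be the whole payload.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"      # stand-in for the vendor's signing key
HEADER = struct.Struct("<II32s")   # hypothetical layout: offset, length, MAC

def _mac(data: bytes) -> bytes:
    # HMAC-SHA256 stands in for a real signature scheme in this sketch.
    return hmac.new(KEY, data, hashlib.sha256).digest()

def build(payload: bytes) -> bytes:
    """Build a constructed container whose MAC covers the whole payload."""
    return HEADER.pack(HEADER.size, len(payload), _mac(payload)) + payload

def verify_weak(blob: bytes) -> bool:
    """Flawed check: trusts offset/length from the file and verifies only
    that slice, while the loader uses everything after the header."""
    offset, length, tag = HEADER.unpack_from(blob)
    return hmac.compare_digest(tag, _mac(blob[offset:offset + length]))

def verify_strict(blob: bytes) -> bool:
    """Hardened check: the verified range must be exactly the bytes the
    loader will consume, so no unsigned region can exist."""
    if len(blob) < HEADER.size:
        return False
    offset, length, tag = HEADER.unpack_from(blob)
    if offset != HEADER.size or offset + length != len(blob):
        return False
    return hmac.compare_digest(tag, _mac(blob[offset:]))

def loaded_bytes(blob: bytes) -> bytes:
    """What a loader that ignores the header's length field passes on."""
    return blob[HEADER.size:]

if __name__ == "__main__":
    good = build(b"vendor code")
    # Constructed sample: extra bytes appended after the signed range.
    altered = good + b"unsigned bytes"
    for name, blob in (("good", good), ("altered", altered)):
        print(name, verify_weak(blob), verify_strict(blob))
```

The defensive rule the strict check encodes is that verification and loading must operate on the same byte range, with any bounds taken from the file validated before they are used.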
To read the original article:

https://thehackernews.com/2017/11/hp-printer-hacking.html?utm_source=dlvr.it&utm_medium=twitter
