WARNING: HP LaserJet Printers Have a Critical Security Bug – Nothing You Can do for Now and Patch Isn’t Coming for 90 Days.

Toner News Mobile Forums Toner News Main Forums WARNING: HP LaserJet Printers Have a Critical Security Bug – Nothing You Can do for Now and Patch Isn’t Coming for 90 Days.

Tonernews.com, April 5, 2023. USA
  • This topic is empty.
Viewing 1 post (of 1 total)
  • Author
    Posts
  • #393351

    jim
    Keymaster

    HP LaserJet printers have a critical security bug – and there’s nothing you can do for now. HP says a patch isn’t coming for up to 90 days.

    HP has issued a warning(opens in new tab) to business customers using certain LaserJet printer models that they should remain vigilant and take steps to tackle a vulnerability that could see unwanted information disclosure occur. CVE-2023-1707 was awarded a score of 9.1 making it of critical severity. Its description reads: “Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.”The hardware and infrastructure giant has announced plans to issue a firmware update within 90 days, advising customers to downgrade firmware in the meantime to prevent unwanted attacks.

    HP LaserJet printer vulnerability
    The company confirmed that affected customers are running FutureSmart 5.6, software designed to enable printer configuration from the control panel or a dedicated web page. Affected users will also have IPsec enabled.

    A full list of the affected HP Enterprise LaserJet and HP LaserJet Managed Printers models can be found on the security notice(opens in new tab), which suggests a temporary downgrade to version 5.5.0.3 of the firmware for a period of up to three months while HP works on a fix.

    With laser printing coming under scrutiny for its environmental impacts, such as high energy usage, dissatisfied customers unwilling to wait 90 days may be tempted to consider new hardware.

    The company recently announced new Color LaserJet printers that promise to reduce energy consumption by up to 27%. ITDMs less loyal to HP specifically may also want to consider moving to rival brands like Epson, which earlier this year announced new inkjet printers that use a quarter of a typical laser printer’s energy while matching printing speeds. Regardless, manufacturer security advice should always be adhered to, and a firmware downgrade is a must for any business that values security ahead of a patch.
    https://www.techradar.com/news/hp-laserjet-printers-have-a-critical-security-bug-and-theres-nothing-you-can-do-for-now
    8-year-old HP printer vulnerability affects 150 printer models

  • Author
    April 5, 2023 at 2:30 PM
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.
The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty, or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action based on the content on our site.