Update your InkJet printer now! HP reports critical vulnerabilities in several product lines

Hardware vendor Hewlett Packard is sounding the alarm over two vulnerabilities in some of its popular printers, urging customers to update their HP equipment as soon as possible.

“Two security vulnerabilities have been identified with certain HP Inkjet printers,” according to an advisory posted to the company’s Support forum last week. The flaws in question are labeled CVE-2018-5924 and CVE-2018-5925.

“A maliciously crafted file sent to an affected device can cause a stack or static buffer overflow, which could allow remote code execution,” HP explains.

The company has provided firmware updates for the affected products, including Pagewide Pro, DesignJet, OfficeJet, DeskJet and Envy printers.

“To obtain the updated firmware, go to the HP Software and Drivers page for your product and find the firmware update from the list of available software,” HP instructs customers.

Complete instructions on how to apply the patches can be found here.

The disclosure comes after HP joined a bug bounty program that allows it to reward ethical hackers in exchange for finding and reporting vulnerabilities in its products.

Some 30% of Chief Information Security Officers (CISOs) are now considering signing up for a vulnerability disclosure / bug bounty program in the coming year, a Bugcrowd study has shown.

Read the original article here

You may also like


Get in Touch

Hi there, thanks for stopping by. If you need help with anything, just fill in the form below.
Alternatively, you can call us on 02392 984 730