These HP printers are victims of a critical security flaw, no fix for 3 months

Fifty HP business printers expose a critical security flaw. The company recommends changing the firmware, pending a more durable solution.

HP is recognized by its professional customers for the good quality of its products, and above all for its excellent after-sales service. The company therefore did not hesitate to publish an article on its support page to warn its users of the serious danger that awaits them. Dozens of HP printers from the LaserJet Enterprise and Color LaserJet Managed lines exhibit a flaw that would allow cybercriminals to take control of their devicesor even worse, to establish itself on the network (most often corporate), in which the equipment is installed.

The vulnerability referenced under the code CVE-2023-1707 received a severity score of 9.1 out of 10. It is all the more serious as it concerns no less than 52 products in the catalog of the American company. Exploiting this flaw is however not within the reach of the first hacker to come. Indeed, a number of conditions must first be met. First of all, the IPSec protocol, which is supposed to secure the transfer of data on the corporate network, must be activated. In addition, administrators must manage the fleet of machines with the FutureSmart version 5.6 platform, which allows access to their settings through a web interface.

52 HP printer models expose this critical security flaw, quickly change their firmware

A fairly competent hacker could therefore hack printers and computers connected to the same network. Under these conditions, we imagine that a company as big as HP will quickly propose a solution to the situation. This is unfortunately not the case. She admits that the security patch will not arrive for 90 daysleaving far too much time for potential hackers to place an attack.

If you own theone of the devices mentioned on the HP site, you are strongly advised to follow the company’s recommendations. To counter the CVE-2023-1707 security flaw, HP therefore recommends to “downgrade” (install older version) temporarily firmware of affected printers to FutureSmart or earlier.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *