TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    Fitbit’s old-school, OLED-equipped Inspire 3 is down to just $80

    June 10, 2023

    Animoca Brands to Focus on Markets Outside U.S. after SEC Labels Sand Cryptocurrency an Unregistered Security

    June 8, 2023

    Wildfire smoke makes New York air quality worst in the world

    June 7, 2023
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      Fitbit’s old-school, OLED-equipped Inspire 3 is down to just $80

      June 10, 2023

      Walmart’s taking a rare $20 off of a set of four AirTags

      June 1, 2023

      The M1 Pro 16-inch MacBook Pro with 1TB of storage is $800 off today

      May 22, 2023

      Google, how do I ask your AI the right questions?

      May 14, 2023

      Where to preorder The Legend of Zelda: Tears of the Kingdom

      May 6, 2023
    • Business
    • Cyber Security

      Hackers exploit bug in Elementor Pro WordPress plugin

      June 2, 2023

      15 million public-facing services vulnerable to CISA KEV flaws

      May 23, 2023

      HP to patch critical bug in LaserJet printers within 90 days

      May 15, 2023

      Hackers can open Nexx garage doors remotely, and there’s no fix

      May 7, 2023

      Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws

      April 29, 2023
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»HP to patch critical bug in LaserJet printers within 90 days
    Cyber Security

    HP to patch critical bug in LaserJet printers within 90 days

    May 15, 2023Updated:May 15, 2023No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email

    HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity vulnerability that impacts the firmware of certain business-grade printers.

    The security issue is tracked as CVE-2023-1707 and it affects about 50 HP Enterprise LaserJet and HP LaserJet Managed Printers models.

    The company calculated a severity score of 9.1 out of 10 using the CVSS v3.1 standard and notes that exploiting it could potentially lead to information disclosure.

    Despite the high score, there is a restrictive exploitation context as vulnerable devices need to run FutureSmart firmware version 5.6 and have IPsec enabled.

    IPsec (Internet Protocol Security) is an IP network security protocol suite used in corporate networks to secure remote or internal communications and prevent unauthorized access to assets, including printers.

    FutureSmart allows users to work and configure printers either from a control panel available at the printer or from a web browser for remote access.

    In this case, the information disclosure flaw could allow an attacker to access sensitive information transmitted between the vulnerable HP printers and other devices on the network.

    BleepingComputer has contacted HP to learn more about the exact impact of the flaw and if the vendor has seen signs of active exploitation but we received no statement at publishing time.

    The following printer model are affected by CVE-2023-1707:

    • HP Color LaserJet Enterprise M455
    • HP Color LaserJet Enterprise MFP M480
    • HP Color LaserJet Managed E45028
    • HP Color LaserJet Managed MFP E47528
    • HP Color LaserJet Managed MFP E785dn, HP Color LaserJet Managed MFP E78523, E78528
    • HP Color LaserJet Managed MFP E786, HP Color LaserJet Managed Flow MFP E786, HP Color LaserJet Managed MFP E78625/30/35, HP Color LaserJet Managed Flow MFP E78625/30/35
    • HP Color LaserJet Managed MFP E877, E87740/50/60/70, HP Color LaserJet Managed Flow E87740/50/60/70
    • HP LaserJet Enterprise M406
    • HP LaserJet Enterprise M407
    • HP LaserJet Enterprise MFP M430
    • HP LaserJet Enterprise MFP M431
    • HP LaserJet Managed E40040
    • HP LaserJet Managed MFP E42540
    • HP LaserJet Managed MFP E730, HP LaserJet Managed MFP E73025, E73030
    • HP LaserJet Managed MFP E731, HP LaserJet Managed Flow MFP M731, HP LaserJet Managed MFP E73130/35/40, HP LaserJet Managed Flow MFP E73130/35/40
    • HP LaserJet Managed MFP E826dn, HP LaserJet Managed Flow MFP E826z, HP LaserJet Managed E82650/60/70, HP LaserJet Managed E82650/60/70

    HP says a firmware update that addresses the vulnerability will be released within 90 days, so there’s currently no fix available.

    The recommended mitigation for customers running FutureSmart 5.6 is to downgrade their firmware version to FS 5.5.0.3.

    “HP recommends immediately reverting to a prior version of the firmware (FutureSmart version 5.5.0.3). Updated firmware to address the issue is expected within 90 days.” – HP

    Users are recommended to source the firmware package from HP’s official download portal, where they can select their printer model and get the relevant software.


    Update 4/5 – An HP spokesperson has sent BleepingComputer the following comment:

    The exposure period to this potential vulnerability was very small (mid-February 2023 until end of March 2023) and only existed on a specific version of firmware (FutureSmart version 5). Customers can no longer download the version of firmware that had this potential vulnerability.

    During this short period, if a customer was using IPsec, the scan job data being sent from the Printer (e.g., scan-to email or scan-to SharePoint) could have potentially been disclosed.

    Data was only potentially exposed if users were scanning a job and sending it to a remote location (such as email, SharePoint, etc.). Credentials could have been potentially exposed if they were not protected by TLS or other underlying encryption mechanisms.

    This issue was discovered by HP during our own testing and acted upon immediately. HP is not aware of any active exploits.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Hackers exploit bug in Elementor Pro WordPress plugin

    June 2, 2023 Cyber Security

    15 million public-facing services vulnerable to CISA KEV flaws

    May 23, 2023 Cyber Security

    Hackers can open Nexx garage doors remotely, and there’s no fix

    May 7, 2023 Cyber Security

    Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws

    April 29, 2023 Cyber Security

    SAP releases security updates for two critical-severity flaws

    April 21, 2023 Cyber Security

    Kyocera Android app with 1M installs can be abused to drop malware

    April 13, 2023 Cyber Security
    Editors Picks

    Animoca Brands to Focus on Markets Outside U.S. after SEC Labels Sand Cryptocurrency an Unregistered Security

    June 8, 2023

    Wildfire smoke makes New York air quality worst in the world

    June 7, 2023

    Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG | CISA

    June 5, 2023

    Idaho hospitals working to resume full operations after cyberattack

    June 4, 2023
    Trending Now

    People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection | CISA

    By techbizweb

    Study tests the potential of two quantum machine learning algorithms for malware classification

    By techbizweb

    New hyperactive phishing campaign uses SuperMailer templates: Report

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2023 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.