• United States



CIO Germany Editor

Vulnerabilities found in 250 HP printer models

Mar 23, 20222 mins

15 troubleshoot printer
Credit: Thinkstock

HP has published various security alerts for more than 250 of its printer models. Hackers should be able to inject malicious code, denial-of-service (DoS) attacks to start and access data. As a countermeasure, the manufacturer recommends firmware updates and configuration changes.

Gateway LLMNR protocol

The first vulnerability, CVE-2022-3942, is classified as critical with a value of 8.4. According to Heise, attackers can use vulnerabilities in the firmware to remotely cause a buffer overflow in around 250 HP printer models. Malicious code can then be injected and executed.

A protocol called Link-Local Multicast Name Resolution (LLMNR) serves as a gateway for hackers. It allows IPv4 and IPv6 hosts name resolution into numeric, editable addresses for hosts on the same local network. It is part of all versions of Microsoft’s operating system since Windows Vista and its mobile counterparts Windows Phone and Windows 10 Mobile. In addition to a firmware update, HP said the vulnerability can also be mitigated by switching off the LLMNR protocol on the devices. 

Affected models include HP Color LaserJet, DesignJet, DeskJet, HP Digital Sender, LaserJet, OfficeJet Pro, Pagewide, and HP ScanJet Enterprise.

For more than 20 additional models, HP identified three additional vulnerabilities, CVE-2022-24291, CVE-2022-24292, and CVE-2022-24293. Two are classified as critical. Information on this is sparse. HP names as possible security risks information theft, DoS and buffer overflow. According to HP, the only solution to these problems is updating to the latest firmware.

Second case of HP printer vulnerabilities in a few months

Such reports are nothing new for HP users. As early as the end of 2021, security researchers found serious gaps in over 150 printer models.

Using phishing tactics, hackers could access the devices and hijack them. The attackers then could read printouts, scans and faxes. In addition, the login data of the device could be readable, which opened the way to the rest of the network. Even then, HP advised firmware updates.

Editor’s note: This story originally appeared on CIO Germany.

CIO Germany Editor

Jens Dose is the editor of CIO Magazine Germany. In addition to the core topics relating to CIOs and their projects, he also deals with the role of CISOs and their areas of ​​responsibility.