Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
HP Printers RCE Vulnerability
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Multiple HP Printers are vulnerable to RCE attacks.
Insight
Insight
A flaw in HP's Digital Signature Validation makes it possible to load malicious DLLs onto an HP printer and use it to execute arbitrary code on the machine.
Affected Software
Affected Software
Affected are the following Printers and Firmwares: - HP Color LaserJet Enterprise M651 (CZ255A, CZ256A, CZ257A, CZ258A) - Firmware before v 2405129_000047 - HP Color LaserJet Enterprise M652 (J7Z98A, J7Z99A) - Firmware before v 2405130_000068 - HP Color LaserJet Enterprise M653 (J8A04A, J8A05A, J8A06A) - Firmware before v 2405130_000068 - HP Color LaserJet Enterprise MFP M577 (B5L46A, B5L47A, B5L48A) - Firmware before v 2405129_000038 - HP Color LaserJet Enterprise M552 (B5L23A, B5L23V) - Firmware before v 2308903_577315 - HP Color LaserJet Enterprise M553 (B5L24A, B5L25A, B5L26A, B5L27A, B5L38A) - Firmware before v 2308903_577315 - HP Color LaserJet M680 (CZ250A, CA251A) - Firmware before v 2405129_000042 - HP Color LaserJet Managed E65050 (L3U55A) - Firmware before v 2405130_000068 - HP Color LaserJet Managed E65060 (L3U56A, L3U57A) - Firmware before v 2405130_000068 - HP LaserJet Enterprise 500 color MFP M575 (CD644A, CD645A) - Firmware before v 2405129_000045 - HP LaserJet Enterprise 500 MFP M525 (CF116A, CF117A) - Firmware before v 2405129_000048 - HP LaserJet Enterprise 700 color MFP M775 (CF304A, CC523A, CC524C, CC522A, L3U49A, L3U50A) - Firmware before v 2405129_000061 - HP LaserJet Enterprise 800 color M855 (A2W77A, A2W78A, A2W79A) - Firmware before v 2405129_000057 - HP LaserJet Enterprise 800 color MFP M880 (A2W76A, A2W75A, D7P70A, D7P71A) - Firmware before v 2405129_000054 - HP LaserJet Enterprise color flow MFP M575 (CD646A) - Firmware before v 2405129_000045 - HP LaserJet Enterprise flow M830z MFP (CF367A) - Firmware before v 2405129_000060 - HP LaserJet Enterprise flow MFP M525 (CF118A) - Firmware before v 2405129_000048 - HP LaserJet Enterprise Flow MFP M630 (B3G85A) - Firmware before v 2405129_000040 - HP LaserJet Enterprise Flow MFP M631 (J8J64A) - Firmware before v 2405129_000041 - HP LaserJet Enterprise Flow MFP M632 (J8J72A) - Firmware before v 2405129_000041 - HP LaserJet Enterprise Flow MFP M633 (J8J78A) - Firmware before v 2405129_000041 - HP LaserJet Enterprise M527 (F2A76A, F2A77A, F2A81A) - Firmware before v 2405129_000039 - HP LaserJet Enterprise M607 (K0Q14A, K0Q15A) - Firmware before v 2405130_000069 - HP LaserJet Enterprise M608 (K0Q17A, K0Q18A, M0P32A, K0Q19A) - Firmware before v 2405130_000069 - HP LaserJet Enterprise M609 (K0Q20A, K0Q21A, K0Q22A) - Firmware before v 2405130_000069 - HP LaserJet Enterprise M806 (CZ244A, CZ245A) - Firmware before v 2405129_000059 - HP LaserJet Enterprise MFP M630 (J7X28A) - Firmware before v 2405129_000040 - HP LaserJet Enterprise MFP M631 (J8J63A, J8J65A) - Firmware before v 2405129_000041 - HP LaserJet Enterprise MFP M632 (J8J70A, J8J71A) - Firmware before v 2405129_000041 - HP LaserJet Enterprise MFP M633 (J8J76A) - Firmware before v 2405129_000041 - HP LaserJet Enterprise MFP M725 (CF066A, CF067A, CF068A, CF069A) - Firmware before v 2405129_000058 - HP LaserJet Managed E60055 (M0P33A) - Firmware before v 2405130_000069 - HP LaserJet Managed E60065 (M0P35A, M0P36A) - Firmware before v 2405130_000069 - HP LaserJet Managed E60075 (M0P39A, M0P40A) - Firmware before v 2405130_000069 - HP LaserJet Managed Flow MFP E62555 (J8J67A) - Firmware before v 2405129_000041 - HP LaserJet Managed Flow MFP E62565 (J8J74A, J8J79A) - Firmware before v 2405129_000041 - HP LaserJet Managed Flow MFP E62575 (J8J80A) - Firmware before v 2405129_000041 - HP LaserJet Managed MFP E62555 (J8J66A) - Firmware before v 2405129_000041 - HP LaserJet Managed MFP E62565 (J8J73A) - Firmware before v 2405129_000041 - HP OfficeJet Enterprise Color Flow MFP X585 (B5L06A, B5L06V, , B5L07A) - Firmware before v 2405129_000050 - HP OfficeJet Enterprise Color MFP X585 (B5L04A, B5L04V, B5L05A, B5L05V) - Firmware before v 2405129_000050 - HP PageWide Enterprise Color 765 (J7Z04A) - Firmware before v 2405087_018564 - HP PageWide Enterprise Color MFP 586 (G1W39A, G1W39V, G1W40A, G1W40V) - Firmware before v 2405129_000066 - HP PageWide Enterprise Color MPF 780 (J7Z09A, J7Z10A) - Firmware before v 2405087_018548 - HP PageWide Enterprise Color MPF 785 (J7Z11A, J7Z12A) - Firmware before v 2405087_018548 - HP PageWide Enterprise Color X556 (G1W46A, G1W46V, G1W47A, G1W47V, L3U44A) - Firmware before v 2405129_000051 - HP PageWide Managed Color E55650 (L3U44A) - Firmware before v 2405129_000051 - HP PageWide Managed Color E75160 (J7Z06A) - Firmware before v 2405087_018564 - HP PageWide Managed Color Flow MFP 586 (G1W41A, G1W41V) - Firmware before v 2405129_000066 - HP PageWide Managed Color Flow MFP E77650 (J7Z08A, J7Z14A) - Firmware before v 2405087_018548 - HP PageWide Managed Color Flow MFP E77660 (Z5G77A, J7Z03A, J7Z07A, J7Z05A) - Firmware before v 2405087_018548 - HP PageWide Managed Color MFP E77650 (J7Z13A, Z5G79A) - Firmware before v 2405087_018548 - HP ScanJet Enterprise Flow N9120 Doc Flatbed Scanner (L2683A) - Firmware before v 2405087_018552 - HP Digital Sender Flow 8500 fn2 Doc Capture Workstation (L2762A) - Firmware before v 2405087_018553
Detection Method
Detection Method
The script checks if a vulnerable Firmware is installed on the host.
Solution
Solution
Update to the fixed Firmware version