HP patches bugs in over 150 printer models


HP has released updates for a series of vulnerabilities affecting more than 150 of its multifunction printer (MFP) models, which were discovered by FSecure researchers and are being exposed for the first time today in a coordinated disclosure with them.

The vulnerabilities in question are CVE-2021-39237 and CVE-2021-39238, which are two physical access port vulnerabilities and two font parsing flaws. They are classified as severe and critical, respectively. F-Secure consultants Timo Hirvonen and Alexander Bolshev stated the flaws may be leveraged to obtain complete control of a target company’s network if successfully exploited.

Read More…