HP to patch critical bug in LaserJet printers within 90 days


This week, HP stated in a security alert that a major vulnerability affecting the firmware of a few business-grade printers would take up to 90 days to fix. About 50 models of HP Enterprise LaserJet and HP LaserJet Managed Printers are affected by the security flaw, which has the tracking number CVE-2023-1707.

Utilizing the CVSS v3.1 standard, the company determined a severity level of 9.1 out of 10 and adds that exploiting it might result in information disclosure. Despite the excellent score, the exploitation scenario is limited because the susceptible devices require FutureSmart firmware version 5.6 and IPsec to be enabled.

Read More…