HP suffers another printer security vulnerability

Mar 14, 2013

HP's M1216nfh machine, one of the affected devices

The OEM quickly issued a critical security update to patch the security problem.

CRN reported that the security flaw exacerbated a vulnerability in some of the OEM’s LaserJet Pro machines that would have allowed attackers access to sensitive or confidential information.

The “telnet debug shell flaw” affects 10 of HP’s LaserJet Pro machines: the P1102w, P1606dn, M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, M1218nfs, M1219nf and CP1025nw. Concerned users can download the firmware update from HP’s support site by opening the Drivers & Software page and searching for their printer model number.

The latest flaw was discovered by German security expert Christoph von Wittich, who stated to CRN that he discovered the vulnerability “during a routine network scan of his company’s corporate network”. He found that the issue could be used for denial-of-service attacks by hackers, though “as long as the printer is not connected to the internet, this vulnerability should not cause much trouble for the end user”.

Wittich added: “The printers had a telnet port open which I did not expect to be open. I tried to connect to the port with a telnet client and I got a debug shell which allows you to disable SSL communication to the HP ePrint Cloud servers and shows the passwords for the HP Cloud server connection in plain text.”
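For administrators who want to repeat that kind of routine check on their own fleet, the following added example (not from CRN, HP or von Wittich) matches an asset inventory against the ten models listed above and tests whether each device accepts a telnet connection. The inventory layout, the sample addresses and the use of TCP port 23 are assumptions; the article does not state the port number.

```python
import csv
import io
import socket

# Models the article lists as affected by the telnet debug shell flaw.
AFFECTED = {m.lower() for m in (
    "P1102w", "P1606dn", "M1212nf", "M1213nf", "M1214nfh",
    "M1216nfh", "M1217nfw", "M1218nfs", "M1219nf", "CP1025nw")}

# Constructed sample inventory (documentation-range addresses, not real hosts).
SAMPLE_INVENTORY = """host,model
192.0.2.10,HP LaserJet Pro M1216nfh
192.0.2.11,HP LaserJet Pro P1102w
192.0.2.12,HP LaserJet 4250
"""

def is_affected(model):
    """True if any word of the inventory model string is a listed model."""
    return any(word.lower() in AFFECTED for word in model.split())

def port_open(host, port=23, timeout=2.0):
    """True if a TCP connection to host:port succeeds (23 is an assumption)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit(inventory_csv, port=23, probe=port_open):
    """Return (host, model, status) for every device that needs attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        affected = is_affected(row["model"])
        listening = probe(row["host"], port)
        if affected and listening:
            status = "affected-telnet-open"      # apply the firmware update first
        elif affected:
            status = "affected-telnet-closed"    # still confirm firmware level
        elif listening:
            status = "unlisted-telnet-open"      # unexpected listener, investigate
        else:
            continue
        findings.append((row["host"], row["model"], status))
    return findings

if __name__ == "__main__":
    for host, model, status in audit(SAMPLE_INVENTORY):
        print(f"{host:15} {model:30} {status}")
```

A closed telnet port on a listed model does not show that the firmware update was applied, so those devices are still reported.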

The OEM recently discussed business security needs after suffering two other printer security issues in January corresponding to Google and its DirectJet machines, whilst Samsung saw a printer security flaw reported late last year.
