Hundreds of HP printer models vulnerable to remote code execution
FERC orders Civil Penalty of $450,000 and Disgorgement of $119,425.10 to be paid by Dynegy
April 4, 2022Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
April 4, 2022
Summary:
HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. The first security bulletin warns about a buffer overflow flaw that could lead to remote code execution on the affected machine. Tracked as CVE-2022-3942, the security issue was reported by Trend Micro’s Zero Day Initiative team. A second security bulletin from HP warns about two critical and one high-severity vulnerability that could be exploited for information disclosure, remote code execution, and denial of service.
Additional Discussion:
Links
https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780
https://support.hp.com/us-en/document/ish_5950417-5950443-16/hpsbpi03781
