Manufacturer HP has released an official statement to confirm its discovery. security bug on printer models LaserJet. error is admitted “critical” and allows data to be extracted from specific devices HP Enterprise LaserJet This HP LaserJet Managed.
The CVE-2023-1707 flaw targets popular devices in the enterprise environment, such as the HP Color LaserJet Enterprise M455 and HP Color LaserJet Managed E45028. According to the manufacturer, the vulnerability can only be exploited if the printer has software. FutureSmart 5.6 for remote access and feature IPsec enabled for corporate networking.
The problem may allow third parties access private files and details transmitted between printers and other devices connected to the same network. The list of those affected may include, for example, documents to be printed, contracts and reports containing confidential information and sensitive data.
What should we do?
If your printer is on the list of potential destinations, HP recommends that you: user forced firmware downgrade for previous version, 5.5.0.3.
Other than that and avoiding sending files over the internal network, the user can’t do anything else to prevent it – the company has promised a definitive fix patch within 90 days. A complete list of affected models and firmware can be found on the HP website.
According to the statement sent by the brand Sleep ComputerThe vulnerability was found during routine scans and has not been found to be exploited to date.
Source: Tec Mundo
I am a passionate and hardworking journalist with an eye for detail. I specialize in the field of news reporting, and have been writing for Gadget Onus, a renowned online news site, since 2019. As the author of their Hot News section, I’m proud to be at the forefront of today’s headlines and current affairs.