Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Vulnerabilities affect over 150 HP printer models

Issue 8 2021 News & Events

HP has issued patches that fix security vulnerabilities cybersecurity provider F-Secure discovered in over 150 of their multifunction printer (MFP) products. According to research by F-Secure, attackers can exploit the vulnerabilities to seize control of vulnerable devices, steal information, and further infiltrate networks to inflict other types of damage.


Timo Hirvonen.

F-Secure security consultants Timo Hirvonen and Alexander Bolshev discovered exposed physical access port vulnerabilities (CVE-2021-39237) and font parsing vulnerabilities (CVE-2021-39238) in HP’s MFP M725z – part of HP’s FutureSmart line of printers. Security advisories published by HP list over 150 different products affected by the vulnerabilities.

The most effective method would involve tricking a user from a targeted organisation into visiting a malicious website, exposing the organisation's vulnerable MFP to what’s known as a cross-site printing attack. The website would, automatically, remotely print a document containing a maliciously crafted font on the vulnerable MFP, giving the attacker code execution rights on the device.

An attacker with these code execution rights could silently steal any information run (or cached) through the MFP. This includes not only documents that are printed, scanned or faxed, but also information like passwords and login credentials that connect the device to the rest of the network. Attackers could also use compromised MFPs as a beachhead to penetrate further into an organisation’s network in pursuit of other objectives (such as stealing or changing other data, spreading ransomware, etc.).

While the researchers determined that exploiting the vulnerabilities is difficult enough to prevent many low-skilled attackers from using them, experienced threat actors could make use of them in more targeted operations.

Furthermore, the researchers discovered the font parsing vulnerabilities are wormable, meaning attackers could create self-propagating malware that automatically compromises affected MFPs and then spreads to other vulnerable units on the same network.

“It’s easy to forget that modern MFPs are fully-functional computers that threat actors can compromise just like other workstations and endpoints. And just like other endpoints, attackers can leverage a compromised device to damage an organisation’s infrastructure and operations. Experienced threat actors see unsecured devices as opportunities, so organisations that don’t prioritise securing their MFPs like other endpoints leave themselves exposed to attacks like the ones documented in our research,” explained Hirvonen.

Advice for securing MFPs

Considering HP’s status as a leading provider of MFPs with an estimated 40% of the hardware peripheral market [1], many companies throughout the globe are likely using vulnerable devices.

Hirvonen and Bolshev contacted HP last spring with their findings and worked with them to help patch the vulnerabilities. HP has now published firmware updates and security advisories for the affected devices.

While the attack’s difficulty makes it impractical for some threat actors, the researchers say that it’s important for organisations targeted by advanced attacks to secure their vulnerable MFPs.

In addition to patching, measures for securing MFPs include:

Limiting physical access to MFPs.

• Segregating MFPs in a separate, firewalled VLAN.

• Using anti-tamper stickers to signal physical tampering with devices.

• Use locks (such as Kensington locks) to control access to internal hardware.

• Following vendors’ best practices for preventing unauthorised modifications to security settings.

• Placing MFPs in CCTV-monitored areas to record any physical usage of hacked device at the time it was compromised.

“Large enterprises, companies working in critical sectors and other organisations facing highly-skilled, well-resourced attackers need to take this seriously. There’s no need to panic, but they should assess their exposure, so they’re prepared for these attacks. Although the attack is advanced, it can be mitigated with the basics: network segmentation, patch management and security hardening,” said Hirvonen.

A detailed technical write-up of the research is available on F-Secure Labs: https://labs.f-secure.com/publications/printing-shellz

[1] https://www.idc.com/promo/hardcopy-peripherals




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Is your entrance security secure?
SMART Security Solutions Centurion Systems Technews Publishing News & Events Access Control & Identity Management Smart Home Automation
While Centurion Systems may be known as a leader in gate and door motors in 72 countries, the company has developed more than hardware and now offers an automation ecosystem for access control security.

Read more...
Continuum launches centralised access and identity management
News & Events Access Control & Identity Management Facilities & Building Management
Continuum Identity is a newly launched company in the identity management and access control sector, targeting the complexity of managing various Access and Identity Management (AIM) systems.

Read more...
From prevention to protection
Securex South Africa News & Events Fire & Safety
The Western Cape’s varied landscapes and rapid urban development present a range of fire safety challenges, from densely populated city centres to remote industrial sites, and from heritage buildings to new high-rise developments.

Read more...
Workflow and asset management solutions
Asset Management News & Events
Zamatrack’s innovative workflow and asset management solutions feature the Worxit platform. This all-in-one solution allows businesses to streamline operations with real-time tracking, GPS data, and custom reports.

Read more...
SAQCC Gas awareness
Associations News & Events
SAQCC Gas will raise awareness within the gas industry by emphasising the importance of using registered gas practitioners and getting a Certificate of Compliance (CoC) for all your gas systems.

Read more...
Why Securex matters more than ever
Securex South Africa News & Events Fire & Safety Facilities & Building Management
Visitors will observe the application of integrated security solutions, including AI-enhanced surveillance, cloud-based access control, cybersecurity tools, and perimeter protection within residential, commercial, logistics, and industrial environments

Read more...
Fire Ops SA Partners with Matrix
News & Events Fire & Safety Residential Estate (Industry)
Fire Ops SA, a South African private fire and rescue service, has announced its partnership with Matrix Vehicle Tracking to launch FireStop, providing Matrix and Beame clients with direct access to a dedicated professional private fire service.

Read more...
SABRIC Annual Crime Statistics 2024
News & Events Security Services & Risk Management Residential Estate (Industry)
SABRIC has released its Annual Crime Statistics for 2024, reflecting a significant decline in financial crime losses, but also warning of the growing threat posed by artificial intelligence (AI) in fraud schemes.

Read more...
Adding AI analytics to security monitoring
SEON South Africa News & Events Perimeter Security, Alarms & Intruder Detection Residential Estate (Industry) AI & Data Analytics
SEON has announced its latest integration with Refraime, an AI-powered video analytics platform designed to elevate CCTV surveillance through real-time object detection and intelligent alerting.

Read more...
Advances in electric fence management
Nemtek Electric Fencing Products News & Events Perimeter Security, Alarms & Intruder Detection
Nemtek will demonstrate its newly enhanced FG7C+ Fence Controller, now featuring an advanced software upgrade that connects all Nemtek devices, aggregating data to a single point for efficient electric fence alarm monitoring and control.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.