"Serious Vulnerability Exploited at Hacking Contest Impacts Over 200 HP Printers"

HP has announced that over 200 of its printer models are impacted by a critical Remote Code Execution (RCE) vulnerability disclosed by researchers at the Pwn2Own hacking contest in 2021. The security vulnerability, tracked as CVE-2022-3942, is described as a buffer overflow that can be exploited to remotely execute arbitrary code. The flaw stems from the use of Link-Local Multicast Name Resolution (LLMNR): the length of user-supplied data is not properly validated before it is copied to a fixed-length stack-based buffer. An attacker can exploit this vulnerability to execute code in the context of root. Impacted HP printer models include Enterprise (LaserJet, Color LaserJet, Digital Sender Flow, OfficeJet, PageWide, and ScanJet), LaserJet Pro, PageWide Pro, DeskJet, and more. Although firmware updates were released for most of the affected devices, tens of printer models are still vulnerable. Therefore, the company suggests disabling LLMNR in network settings in order to mitigate the flaw. This article continues to discuss the security hole leaving hundreds of HP printers vulnerable to RCE and other security defects discovered in HP printers by researchers at Pwn2Own.
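The bug class described above comes down to trusting a length byte from the packet before copying into a fixed-size stack buffer. The following added example shows the checks a name parser needs; it is not HP firmware code and not from the article. `parse_qname`, the 16-byte buffer and the sample bytes are hypothetical, and the parser assumes uncompressed names in DNS wire format, which LLMNR uses.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample names in DNS wire format (length byte, then label). */
static const uint8_t SAMPLE_OK[]    = {2,'h','p', 5,'l','o','c','a','l', 0};
static const uint8_t SAMPLE_TRUNC[] = {7,'p','r','i'};  /* claims 7, has 3 */
static const uint8_t SAMPLE_PTR[]   = {0xC0, 0x0C};     /* compression pointer */

/* Hypothetical helper: decode the name at pkt[off] into out as "a.b".
 * Returns wire bytes consumed, or -1 if any length would run past the
 * received packet or the destination buffer. */
int parse_qname(const uint8_t *pkt, size_t pkt_len, size_t off,
                char *out, size_t out_sz)
{
    size_t start = off, used = 0;

    if (out_sz == 0)
        return -1;
    for (;;) {
        if (off >= pkt_len)
            return -1;                 /* no terminating zero label */
        uint8_t len = pkt[off++];
        if (len == 0)
            break;                     /* root label ends the name */
        if (len > 63)
            return -1;                 /* oversize label or pointer */
        if (len > pkt_len - off)
            return -1;                 /* claims more bytes than received */
        size_t need = len + (used ? 1 : 0);   /* label plus '.' separator */
        if (need >= out_sz - used)
            return -1;                 /* no room for label and NUL */
        if (used)
            out[used++] = '.';
        memcpy(out + used, pkt + off, len);   /* length already validated */
        used += len;
        off += len;
    }
    out[used] = '\0';
    return (int)(off - start);
}

int main(void)
{
    char name[16];  /* fixed-length stack buffer; size is an assumption */
    int n = parse_qname(SAMPLE_OK, sizeof SAMPLE_OK, 0, name, sizeof name);
    printf("%d %s\n", n, n < 0 ? "(rejected)" : name);
    n = parse_qname(SAMPLE_TRUNC, sizeof SAMPLE_TRUNC, 0, name, sizeof name);
    printf("%d %s\n", n, n < 0 ? "(rejected)" : name);
    return 0;
}
```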

Security Week reports "Serious Vulnerability Exploited at Hacking Contest Impacts Over 200 HP Printers"
