A SECURITY vulnerability on 150 HP printer models has allowed them to be hacked through a simple email that exposes your personal information, according to a new report.
Cybersecurity researchers revealed that the critical vulnerability dates back to 2013 and could allow hackers to steal information from anything printed or scanned with the device.
Researchers from F-Secure emphasizes that printers are often connected to business networks and can reveal confidential company information if targeted.
The vulnerabilities have since been patched by HP.
The F-Secure research team conducted tests involving the HP MFP M725z model.
However, according to the report, it also affects HP Color LaserJet Enterprise, HP LaserJet Enterprise, HP PageWide, HP OfficeJet Enterprise Color and HP ScanJet Enterprise 8500 FN1 workstations. ZDNET.
NS security breach includes two vulnerabilities that are collectively named Printing Shellz.
They were discovered by F-Secure Labs researchers Timo Hirvonen and Alexander Bolshev on April 29, 2021, and HP announced the fix earlier this month.
The first error that the team flagged in the report was named CVE-2021-39238 and assigned a 9.3 severity score.
It is described as a “buffer overflow vulnerability affecting select HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, and HP PageWide Managed products.”
The second one is named CVE-2021-39237 with a severity score of 7.1.
This is described as “an information disclosure vulnerability affecting select HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers.”
The team released a demo video of the bug in action, showing how a simple click on a spam email can trigger code that targets a connected printer.
According to the report, this vulnerability can also attack a device through a USB used for printing.
“These vulnerabilities provide attackers with an effective way to steal information: defenders do not have the ability to actively check the security of printers, and so attackers can simply sit back and steal whatever information it comes across (via printer, scan, etc.)” the F-Secure team said.
“They can also use the MFP as a pivot point to move across the corporate network.”
‘NO PROOF OF MINING’
Researchers Hirvonen and Bolshev added: “The vulnerabilities reside in the unit’s communication panel and font analyzer.
“An attacker can exploit them to gain the right to execute code, with the former requiring physical access while the latter can be done remotely.
“A successful attack will allow an adversary to achieve various goals, including stealing information or using a compromised machine as a locomotive for future attacks against an organization. “
Note, however, that there is no evidence that these vulnerabilities were exploited by hackers before HP released a fix.
“Any organization using affected devices should install patches as soon as they are available,” the researchers said.
“While exploiting these issues is somewhat difficult, making these vulnerabilities public will help threat actors know what to look for to attack vulnerable organizations.”
It comes when Google users are urged to double-check their passwords in the face of phishing schemes, data grabs, and other attempts to steal personal information through Gmail, Google Drive, and Google Chrome activity.
GOOGLE USERS WARNED
Since Google accounts act as a centralized hub for many users, they can be a valuable data mine for hackers, especially when it comes to Gmail accounts linked to other websites. .
Hackers can exploit Google accounts through many different ways to get personal information, so users need to be wary of many loopholes for hackers.
“It’s risky to use the same password across multiple sites,” advises Google on its security page.
“If your password for one site is hacked, it can be used to access your account for multiple sites,” the tech company explains.
Last week, Google has also issued an urgent warning via Cloud accounts as Cryptocurrency miners target users and compromise them within 22 seconds.
Google Cloud Services are a collection of remote computing services that may include storing customer data and files off-site – and providing advice on how to handle them.
“The goal of the report is to provide actionable intelligence that will enable organizations to ensure their cloud environments are best protected against today’s threats,” Google said in its report. growing more”.
“During this and future threat intelligence reports, the Google Cybersecurity Action Team will provide threat horizon scanning, trend tracking, and Early Warning notifications for threats. New threats emerge that require immediate action.”
We pay for your stories!
Do you have a story for the American team The Sun?
Source link Your printer could be hacked through Gmail and sensitive information STOP – check if your model is named in the new network alert