This sounds unbelievable, but HP has issued firmware updates to fix it:
HP all-in-ones which support color faxing can be hacked via a fax connection. The hacker then has access to the network the printer is on.
[
securityaffairs.co]
Quote
Security Affairs wrote:
A critical vulnerability potentially exposes millions of HP OfficeJet printers to hack, according to the experts at Check Point the attackers only need to send a fax to the vulnerable printers.
The researchers discovered two critical vulnerabilities in HP’s implementation of a widely used fax protocol implemented in all its OfficeJet all-in-one inkjet printers.
The vulnerabilities affect the HP all-in-one printers that support Group 3 (G3) fax protocols that are part of the ITU T.30 standard for sending and receiving color faxes.
. . .
“Two security vulnerabilities have been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack or static buffer overflow, which could allow remote code execution.” reads the security advisory published by HP.
List of affected HP all-in-one printers here:
[
support.hp.com]
It's a long list . . .
Good luck.
- Winston
------------------------
Be seeing you.
Edited 2 time(s). Last edit at 10/22/2018 07:13PM by Winston.
