Security researchers have discovered a potentially dangerous vulnerability in the firmware of various Hewlett Packard (HP) enterprise printer models that could be abused by attackers to run arbitrary code on affected printer models remotely.
The vulnerability (CVE-2017-2750), rated high in severity with a CVSS score of 8.1, is due to insufficient validation of parts of Dynamic Link Libraries (DLLs), which allows for the potential execution of arbitrary code remotely on the 54 affected printer models.
The security flaw affects 54 printer models ranging from HP LaserJet Enterprise, LaserJet Managed, PageWide Enterprise and OfficeJet Enterprise printers.
This remote code execution (RCE) vulnerability was discovered by researchers at FoxGlove Security when they were analyzing the security of HP's MFP-586 printer (currently sold for $2,000) and HP LaserJet Enterprise M553 printers (sold for $500).
According to a technical write-up posted by FoxGlove on Monday, researchers were able to execute code on affected printers by reverse engineering files with the ".BDL" extension used in both HP Solutions and firmware updates.
"This (.BDL) is a proprietary binary format with no publicly available documentation," researchers said. "We decided that reverse engineering this file format would be beneficial, as it would allow us to gain insight into exactly what firmware updates and software solutions are composed of."
Since HP has implemented a signature validation mechanism to prevent tampering with the system, the researchers failed to upload malicious firmware to the affected printer.
However, after some testing researchers said that "it may be possible to manipulate the numbers read into int32_2 and int32_3 in such a way that the portion of the DLL file having its signature verified could be separated from the actual executable code that would run on the printer."
The researchers were able to bypass the digital signature validation mechanism for HP software "Solution" packages and managed to add a malicious DLL payload and execute arbitrary code.
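The flaw class described above, as an added illustration (not FoxGlove's tooling and not the real .BDL layout): a loader that verifies only a header-selected slice but loads the whole body, next to one that requires the signed range to be exactly the bytes loaded. The two-field header, the HMAC standing in for a digital signature, and all names and sample bytes are assumptions constructed for this example.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"      # stand-in for a real signing key
HEADER = struct.Struct("<II")      # hypothetical fields: signed_offset, signed_length
TAG_LEN = hashlib.sha256().digest_size


def build_package(body: bytes) -> bytes:
    """Signer: tag the whole body and record the range that was signed."""
    tag = hmac.new(KEY, body, hashlib.sha256).digest()
    return HEADER.pack(0, len(body)) + tag + body


def _parse(package: bytes):
    if len(package) < HEADER.size + TAG_LEN:
        raise ValueError("truncated package")
    offset, length = HEADER.unpack_from(package)
    tag = package[HEADER.size:HEADER.size + TAG_LEN]
    body = package[HEADER.size + TAG_LEN:]
    return offset, length, tag, body


def _tag_ok(tag: bytes, data: bytes) -> bool:
    return hmac.compare_digest(tag, hmac.new(KEY, data, hashlib.sha256).digest())


def load_weak(package: bytes) -> bytes:
    """Flawed: verifies only the header-selected slice, then loads everything."""
    offset, length, tag, body = _parse(package)
    if not _tag_ok(tag, body[offset:offset + length]):
        raise ValueError("bad signature")
    return body  # bytes outside the signed slice are loaded unverified


def load_strict(package: bytes) -> bytes:
    """Hardened: the signed range must be exactly the bytes that get loaded."""
    offset, length, tag, body = _parse(package)
    if offset != 0 or length != len(body):
        raise ValueError("signed range does not cover the loaded body")
    if not _tag_ok(tag, body):
        raise ValueError("bad signature")
    return body


# Constructed sample: a genuine package, and a copy with unsigned bytes appended.
GENUINE = build_package(b"vendor code")
TAMPERED = GENUINE + b" + unsigned tail"
```

`load_weak(TAMPERED)` returns the body with the unsigned tail included, while `load_strict(TAMPERED)` raises `ValueError`; both accept `GENUINE`.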
FoxGlove Security has made the source code of the tools used during its research available on GitHub, along with the proof-of-concept (PoC) malware payload that could be remotely installed on the printers.
The actions performed by their proof-of-concept malware are as follows:
- It downloads a file from http[://]nationalinsuranceprograms[.]com/blar
- Executes the command specified in the file on the printer
- Waits for 5 seconds
- Repeat
To download the new firmware update, visit the HP website in your web browser, select Support from the top of the page, and then select Software & drivers. Now, enter the product name or model number in the search box, then scroll down in the search results to firmware and download the necessary files.