HP printer issue on Mac: What happened?

Update now! Many HP printers affected by three critical security vulnerabilities

In two security advisories, HP has alerted users to the existence of security vulnerabilities in several of its printer models.

In total, four vulnerabilities were patched, but three of those vulnerabilities are rated critical, and all of them can lead to remote code execution (RCE) when exploited.

Link-Local Multicast Name Resolution

CVE-2022-3942is a vulnerability rated with a CVSS scoreof 8.4 out of 10. As HP puts it: Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution.

The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link. Its main function is to resolve host names to facilitate communication between hosts on local networks.

HP Print devices

The second security advisorystates that certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. This is a set of three vulnerabilities, of which two have been rated as critical and one rated “high”.

Which models are affected?

The list of printer models affected by the first vulnerability is almost endless. Users of every model of HP Color LaserJet, HP LaserJet, HP PageWide, HP Scanjet Enterprise, HP DeskJet, HP OfficeJet, HP DesignJet, and the HP Digital Sender Flow 8500 fn2 Document Capture Workstation are encouraged to check for updated firmware.

The models affected by the second set of vulnerabilities are:

  • HP Color LaserJet ProM453 – M454, MFP M2XX, MFP M478, M479
  • HP LaserJet ProM304, M305, M404, M405, MFP M428, M429, MFP M428, M429 F
  • HP PageWide352dw Printer, 377dw Multifunction Printer,
  • HP PageWide ManagedP55250dw Printer series, P57750dw Multifunction Printer
  • HP PageWide Pro 452dn Printer series, 452dw Printer series, 477dn Multifunction Printer series, 477dw Multifunction Printer series, 552dw Printer series, 577 Multifunction Printer series
  • HP OfficeJet Pro 8210 Printer series, 8216 Printer series, 8730 All-in-One Printer, 8740 All-in-One Printer series

How to update your printer

Patches are available for these vulnerabilities, so users can visit HP’s official software and driver download portal, navigate to their device model, and install the latest available firmware version.

An exception exists for the HP Color LaserJet Pro MFP M2xx models where remediation is pending. Users of these type of all-in-one printers will have to check later whether a patch has been made available.

Stay safe, everyone!

ABOUT THE AUTHOR

Pieter Arntz

Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.