Printers connected to the network are often found to be a risk to the internal security of a given organization. In the past, we have found how a simple Google search yields results of thousands of connected printers. Now, the Homeland Security has issued a warning about HP’s LaserJet Pro printers, citing that it contains a critical telnet bug.
The security flaw in the printer line-up was originally discovered by a German security expert, Christoph von Wittich. Apparently, Wittich was going through his corporate’s network and trying to discern any security loopholes in it when he found out the bug in a LaserJet pro printer.
Anyone with nefarious purposes can use this vulnerability in an online printer to simply launch a denial-of-service attack. Such attacks have been known to be used in taking down company systems. Not only that, the bug can further be used to gain unauthorized access to a company’s data, which can be even more damaging.
Following the discovery, Homeland Security’s Computer Emergency Response Team has issued a vulnerability note, warning the users that they should avoid using any of the HP LaserJet pro printers. HP has still to release a patch for the bug or even provide a statement about the whole issue.
Source: Homeland Security
Courtesy: The Hacker News