Remote Firmware Upgrade Vulnerability in HP LaserJet Printers
CVE-2004-2439

Currently unrated

Key Information:

Vendor: HP
Status: Laserjet 4200; Laserjet 4100 Mfp; Laserjet 9000; Laserjet 9040 Mpf
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-2439?

The HP LaserJet 4200 and 4300 printers contain a vulnerability that allows remote attackers to perform firmware upgrades without any authentication. This flaw exposes the printers to potential exploits, as unauthorized upgrades can lead to malicious firmware being installed. Without adequate security measures in place to verify the identity of the user attempting to upgrade the firmware, the printers become easy targets for remote attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17634

vdb-entryx_refsource_XF

http://securitytracker.com/id?1011671

vdb-entryx_refsource_SECTRACK

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Aug 20, 2005
Vulnerability published
Dec 31, 2004