Remote Code Execution Vulnerability in HP Color MFP and LaserJet Products
CVE-2011-4161

Currently unrated

Key Information:

Vendor: HP
CVE Published: 1 December 2011

Summary

The default configuration of certain HP printers enables the Remote Firmware Update feature, which can be exploited by remote attackers. By establishing a session on TCP port 9100, attackers can upload malicious firmware updates, leading to arbitrary code execution on the affected device. This vulnerability highlights significant security risks associated with unsecured remote access configurations in multifunction printers and laser printers.

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
