RCE? Check. Clear passwords? Check. Interfere with print jobs? Check
21st November 2017 By Richard Chirgwin
Sysadmins have been advised to watch for a coming HP printer firmware update that will plug a remote code execution vulnerability (among others) in its MFP-586 and the M553 printers.
News of the threat emerged from a Foxglove Security deep-dive into printer security that saw the researchers warn HP of problems in August. The post, by Foxglove's Steeve Breen, said “HP notified us that a fix has been developed and is being released this week.”
Full Article.