In a customer support notice, HP warned of the potential vulnerability in some of its printers which allows remote code execution and buffer overflow.
HP Inc. said in its notice that certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.
The potential vulnerability was reported by Trend Micro – Zero Day Initiative Team, and HP ranks it as critical.
HP recommends to update the printers firmware and in certain HP Enterprise and HP LaserJet Pro printers, the issue may also be mitigated by disabling LLMNR in network settings.
The affected models are various HP Enterprise, LaserJet Pro devices, Deskjet, DesignJet and HP PageWide devices. The full list can be found here.
