Backdoor Found, Fixed in HP LaserJet Pro Series Printers

By Tuesday, March 12, 2013 0 , Permalink 0

A total of 10 models of HP’s LaserJet Pro series of printers are affected by this vulnerability. The printers can be accessed through a telnet session without requiring a password thereby giving remote attackers access to unencrypted data. According to the advisory, users who own the affected printers should update the printer’s firmware to patch the vulnerability.

Once the printer is accessed through telnet, a debug shell is initiated through which a remote attacker can disable SSL connections thereby obtaining HP ePrint Cloud server connection passwords in plain text. The researcher who discovered the flaw, Christoph von Wittich, said that the vulnerability can also be used to trigger a denial of service attack. But, he noted that the telnet shell is not accessible over the internet and “should not cause much trouble for the end user”.

HP has listed all the models where the vulnerability is present in its own security advisory. These are the LaserJet Pro P1102w, P1606dn, M1212nf MFP (Multi Function Printer), M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1219nf MFP and CP1025nw printers.