HP has released firmware patches to fix a vulnerability that could be exploited to perform remote code execution attacks on enterprise-grade printers.
HP says that the vulnerability impacts a wide range of business-ready printers, including the HP Color LaserJet Enterprise M651, HP Color LaserJet M680, HP LaserJet Enterprise Flow MFP M631, HP PageWide Enterprise Color X556, and many others.
The firmware updates can be downloaded manually from HP through the firmware search tool.
The bug was reported by FoxGlove Security, which issued an advisory disclosing the technical details about it. The researchers managed to reverse engineer ".BDL" (bundle) extension files found in HP's firmware. The next step was to
craft and upload crafted firmware files to discover where signature validation was taking place in order to bypass these protections.
Due to "insufficient solution DLL signature validation," FoxGlove was then able to use this information to create malware specifically designed to exploit the printer ranges' security weaknesses leading to remote code execution.