Zero-Day: HP Printer Hack

Exposing your network with HP OfficeJet Printers

A malicious fax sent to an vulnerable all-in-one inkjet printer can give hackers control of the printer and act as a springboard into your network environment.

HP’s implementation of a widely used fax protocol is used in all its OfficeJet all-in-one inkjet printers.  HP Inc. has released patches for both of these vulnerabilities (CVE-2018-5925 and CVE-2018-5924).Robert Brown, Director of Services at Verismic said, “These vulnerabilities have a CVSS score 9.8 out of a maximum of 10 making these your highest priority this month.”We recommend deploying these updates using Syxsense. There is suspicions that this is being actively exploited, and to complicate things further, these updates will require a reboot.

Enhance your patch strategy with Syxsense. Start your free trial today.