Alerts

Printing Shells: Remote Code Execution vulnerability in HP multi-function printers (MFPs)

Advisory No: TZCERT/SA/2021/12/01

Date of First Release: 01st December 2021

Source: HP

Software Affected: HP Color LaserJet Enterprise, HP OfficeJet Enterprise and HP ScanJet Enterprise 8500 FN1 firmware.

Overview

Two vulnerabilities, namely CVE-2021-39238 and CVE-2021-39237, exist in HP multi-function printer (MFP) products. Exploitation of these vulnerabilities could allow an attacker to take control of the affected systems.

Description

The first vulnerability (CVE-2021-39238), a buffer overflow issue, could lead to the development of a self-propagating network worm capable of spreading autonomously to other vulnerable MFPs on the same network.

The second vulnerability (CVE-2021-39237) is an information disclosure bug caused by an exposed physical port; local access is necessary as an attack vector.

These weaknesses can be exploited locally by gaining physical access to the device and printing from USB. Another possible attack vector for CVE-2021-39238 is delivering an exploit payload through a browser via cross-site printing (XSP).

Impact

Successful exploitation of these vulnerabilities may allow an attacker to take control of the affected systems.

Solution

HP has issued updates to fix vulnerable versions of the printers' firmware. Users and administrators are encouraged to apply the necessary updates.

References

  1. https://labs.f-secure.com/publications/printing-shellz 
  2. https://support.hp.com/us-en/document/ish_5000383-5000409-16/hpsbpi03749
  3. https://www.zdnet.com/article/printing-shellz-critical-bugs-impacting-150-hp-printers-patched/

Foxit Security Update

Foxit has released security updates to address vulnerabilities in Foxit PhantomPDF. Exploitation of these vulnerabilities may allow an attacker to take control of affected systems.

Users and administrators are encouraged to review the Foxit Security Advisory and apply the necessary updates.

Fortinet Security Update

FortiGuard Labs has released security updates to address vulnerabilities in FortiClientWindows and FortiClient EMS. Exploitation of these vulnerabilities may allow an attacker to gain escalated privileges.

Users and administrators are encouraged to review the FortiGuard Labs Security Advisory and apply the necessary updates.

Rustsec Security Update

Rustsec has released a security update to address a vulnerability in RustEmbed. Exploitation of this vulnerability may allow an attacker to gain access to sensitive information.

Users and administrators are encouraged to review the Rustsec Security Advisory and apply the necessary updates.

Ubuntu Security Update

Ubuntu has released security updates to address vulnerabilities in imagemagick. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service condition.

Users and administrators are encouraged to review the Ubuntu Security Advisory and apply the necessary updates.