The CERT Program recently issued a vulnerability note warning that some HP LaserJet Professional printers contain a telnet debug shell that could be exploited remotely to gain unauthorized access to data, and that HP has released a printer firmware update that resolves the issue.
The following 12 printer models are affected: HP LaserJet Pro P1102w, P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh Multifunction Printer, M1217nfw Multifunction Printer, M1218nfs MFP, M1219nf MFP, CP1025nw, and CP1025nw.
Christoph von Wittich of Hentschke Bau GmbH was credited with uncovering the vulnerability. In an interview with CRN's Robert Westervelt, Wittich said he found the flaw during a routine scan of his company's network.
"The printers had a telnet port open which I did not expect to be open," Wittich told CRN. "I tried to connect to the port with a talnet client and I got a debug shell which allows you to disable SSL communication to the HP ePrint Cloud servers and shows the passwords for the HP Cloud server connection in plain text."https://o1.qnsr.com/log/p.gif?;n=203;c=204660770;s=9477;x=7936;f=201812281321530;u=j;z=TIMESTAMP;a=20396194;e=i
In 2011, a class action lawsuit was filed against HP over the security of its printers after Columbia University researchers found that attackers could potentially take control of a system, steal data from it, and even cause it to overheat and catch fire. The suit was later dismissed.