HP LaserJet printers vulnerable to attacks, researchers warn
Company downplays danger threat, says fix is coming
Computerworld - Millions of Hewlett Packard Co.'s LaserJet printers contain a security weakness that could allow attackers to take control of the systems, steal data from them and issue commands that could cause the devices to overheat and catch fire, according to two researchers from Columbia University.
Printers from other vendors likely have the same issue, leaving users of those devices exposed to similar threats, the researchers said.
The security researchers findings was first published by MSNBC.com earlier today.
In response, HP today downplayed the researchers' claims, labeling them "sensational and inaccurate."
"While HP has identified a potential security vulnerability with some HP LaserJet printers, no customer has reported unauthorized access," the company said.
It disputed media reports that the flaw would let hackers set LaserJet printers on fire and said that safety mechanisms built into the printers precluded that from happening.
The flaw in HP's LaserJet printers was discovered by Professor Salvatore Stolfo of the Computer Science Department at Columbia University's School of Engineering and Applied Science and fellow security researcher Ang Cui.
The vulnerability exists in the LaserJet printer's Remote Firmware Update process. Because of weak authentication measures, the printers can be fooled into accepting arbitrarily modified firmware by anyone with logical access to the device, Stolfo said in an interview.
The LaserJet printers that were tested do not require firmware updates to be digitally signed, allowing anyone to essentially instruct the printer to erase its existing operating software and overwrite it with a malicious one.
Attackers could gain total control of the printer and rewrite its software so that it would be impossible to reset it, he said. "It is a pretty bad security flaw," Stolfo said.
Stolfo said that he and Cui investigated three popular LaserJet models and discovered the same weakness in all three. The printers were the LaserJet 203x/205x, the LaserJet 3800 series and the LaserJet 4005.
All that was required to compromise the printers was a maliciously crafted print job, either sent by someone with access to the printer or by someone remotely if the printer is connected directly to the Internet, according to Stolfo.
The flaw allows attackers to steal documents from a compromised printer, or to use the device as a launch pad for attacking computers attached to it. The vulnerability also allows attackers to issue a command that could cause the printer's fuser, which is used to dry ink, to start heating up. Theoretically at least, that could cause the printing paper to catch fire.
According to Stolfo, during a demonstration, he was able to get the fuser on a LaserJet printer hot enough to cause the printer paper to brown and start smoking. But a safety mechanism built into the printer caused it to fail in a safe manner before it could catch on fire.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts