A Vulnerability in HP Printer Products Could Allow for Arbitrary Code Execution

DESCRIPTION:
A vulnerability has been discovered in HP FutureSmart that could allow
for arbitrary code execution. HP FutureSmart is a piece of system
firmware that is used on all HP Enterprise devices. Successful
exploitation of this vulnerability could allow for arbitrary code
execution within the context of the affected application. Depending on
the privileges associated with this application, an attacker could then
install programs; view, change, or delete data; or create new accounts
with full user rights. If this application has been configured to have
fewer user rights on the system, exploitation of this vulnerability
could have less impact than if it was configured with administrative rights.

IMPACT:
A vulnerability has been discovered in HP FutureSmart that could allow
for arbitrary code execution. Vulnerable HP FutureSmart versions are
susceptible to a buffer overflow vulnerability that may result in the
ability for a remote and unauthenticated attacker to execute arbitrary
code on the targeted systems.


SYSTEM AFFECTED:
* HP FutureSmart 3 (cpe:/h:hp:futuresmart_3)
* HP FutureSmart 4 (cpe:/h:hp:futuresmart_4)
* HP FutureSmart 5 (cpe:/h:hp:futuresmart_5)

RECOMMENDATIONS:
We recommend the following actions be taken:

* Apply the latest patches provided by HP after appropriate testing.
* Run all software as a non-privileged user (one without administrative
privileges) to diminish the effects of a successful attack.
* Remind users not to visit untrusted websites or follow links provided
by unknown or untrusted sources.
* Inform and educate users regarding the threats posed by hypertext
links contained in emails or attachments, especially from untrusted sources.
* Apply the Principle of Least Privilege to all systems and services.

REFERENCES:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39238
https://support.hp.com/us-en/document/ish_5000383-5000409-16
https://www.hp.com/us-en/printers/futuresmart-firmware.html

Published: 10 January 2022, 17:27:49 BST
