Security researchers from FoxGlove Security have discovered a dangerous remote code execution (RCE) flaw in the firmware of various HP enterprise printer models that attackers could exploit to run arbitrary code on vulnerable printers remotely.
The flaw, tracked as CVE-2017-2750 and rated high in severity with a score of 8.1, is due to incomplete validation of parts of Dynamic Link Libraries (DLLs).
The printers are vulnerable to flaws related to common printing languages, PostScript and PJL, that are used in most laser printers. These flaws have existed for decades.
According to the researchers:
PJL is a language that computers will speak with the printer when submitting print jobs. This language has also been extended to have the ability to perform some administrative tasks.
To find the remote code execution vulnerability, the researchers extracted the printer OS and firmware and reverse engineered both. HP had implemented anti-tampering mechanisms to protect the system, but the researchers were able to bypass them and gain access to files. They were also able to crack signature validation for solutions files, upload a malicious DLL, and execute arbitrary code.
The RCE flaw was reported to the company on August 21, and HP has promised to release a patch this week.