Table of Contents
September 23, 2022
|13m
A Critical RCE Vulnerability in HP Printer Devices- Let’s See How to Fix CVE-2022-28721(2)
HP has addressed two vulnerabilities of which one is RCE vulnerability rated Critical and the second is ACE vulnerability rated high in severity. Attackers can abuse these buffer overflow vulnerabilities to perform remote code execution and arbitrary code execution on vulnerable printer modules. Since the critical flaw is rated 9.8 on the CVSS scale and allows to execution of malicious code from remote, it’s important to know how to fix CVE-2022-28721, a critical RCE vulnerability in HP printer devices. The vendor has covered both the flaws in a security advisory to protect your printers against these vulnerabilities. Let’s see what is there in the advisory and see how to apply the patches to your printer modules.
Let’s start the post from the summary of the vulnerabilities and see how to fix CVE-2022-28721, a critical RCE vulnerability in HP printer devices.
Summary of CVE-2022-28721(2)
HP released a security advisory on 21st, Sep. That it disclosed two Buffer Overflow vulnerabilities, one is Critical with a CVSS score of 9.8 and another one is High in severity with 7.1 CVSS scores. These flaws are due to improper bound checking that allows an attacker to overflow a buffer and execute arbitrary code on the affected printer devices.
The critical flaw allows an attacker to execute code over the network and the high severity flaw needs authentication and physical access to execute the code. There are no technical details were published on the flaws to lower the attack possibility.
Summary of CVE-2022-28721:
| Associated CVE ID | CVE-2022-28721 |
| Description | A Remote Code Execution Vulnerability in HP Printer Devices |
| Associated ZDI ID | – |
| CVSS Score | 9.8 Critical |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Impact Score | – |
| Exploitability Score | – |
| Attack Vector (AV) | Network |
| Attack Complexity (AC) | Low |
| Privilege Required (PR) | None |
| User Interaction (UI) | None |
| Scope | Unchanged |
| Confidentiality (C) | High |
| Integrity (I) | High |
| availability (a) | High |
Summary of CVE-2022-28722:
| Associated CVE ID | CVE-2022-28722 |
| Description | A Arbitrary Code Execution Vulnerability in HP Printer Devices |
| Associated ZDI ID | – |
| CVSS Score | 7.1 High |
| Vector | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H |
| Impact Score | – |
| Exploitability Score | – |
| Attack Vector (AV) | Physical |
| Attack Complexity (AC) | HighFGH |
| Privilege Required (PR) | None |
| User Interaction (UI) | None |
| Scope | Changed |
| Confidentiality (C) | High |
| Integrity (I) | High |
| availability (a) | High |
List HP Printer devices Affected By These Vulnerabilities
HP said that there are a long list of printer devices are affected by these vulnerabilities. The list has more than 60 printer modules. Please find the products affected by these vulnerabilities and patched firmware version that fixes the vulnerabilities. Please don’t forget to see the updated list here.
We urge you to carefully go through the table and list out the vulnerabilities identified in your modules and upgrade the firmware to the resolved version or the latest available for download.
Caution: We always recommend reading the product guide or contacting the vendor support team before upgrading firmware. A wrong firmware upgrade may either break your device or lead to permanent damage.
List of Affected HP InkJet Printers:
| Product Name | Product Number | CVE-2022-28721 (CVSS 9.8) | CVE-2022-28722 (CVSS 7.3) | Updated Firmware Version |
|---|---|---|---|---|
| HP DeskJet Ink Advantage 5000 All-in-One Printer series | M2U86A, M2U86B, M2U86C, M2U87A, M2U87B, M2U88B, M2U89B | Affected | Not Affected | 2211A or higher |
| HP DeskJet Ink Advantage 5200 All-in-One Printer series | M2U76A, M2U77A | Affected | Not Affected | 2211C or higher |
| HP DeskJet Plus Ink Advantage 6000 All-in-One Printer series | 5SE522A | Affected | Not Affected | 001.2214A or higher |
| HP DeskJet Plus Ink Advantage 6400 All-in-One Printer series | 5SD78A, 5SD79A | Affected | Not Affected | 001.2214A or higher |
| HP ENVY 5000 All-in-One Printer series | M2U85B, Z4A59A, Z4A71A, M2U91B, Z4A69A, M2U92B, Z4A70A, M2U94B, Z4A73A, Z4A74A, M2U91A, M2U92A, M2U85A, M2U94A, Z4A54A, Z4A60A, Z4A61A, Z4A61B | Affected | Not Affected | 2211C or higher |
| HP ENVY 6000 All-in-One Printer series | 5SE17A, 6WD35A, 7CZ37A, 5SE18A, 5SE16A, 5SE19A, 5SE20A, 8QQ97A, 8QQ98A, 8QQ99A | Affected | Not Affected | 001.2214B or higher |
| HP ENVY 6000e All-In-One Printer series | 223N6A, 2K4V8A, 2K4W1A, 2K4W2A, 223N2A, 223N1A, 223N5A, 223N9A | Affected | Not Affected | 001.2216A or higher |
| HP ENVY 6400e All-In-One Printer series | 223R6A, 2K5L5A, 223R2A, 223R1A, 223R3A, 223R9A | Affected | Not Affected | 001.2216A or higher |
| HP ENVY Photo 6200 All-in-One Printer series | K7G22A, K7G18A, K7G23A, Y0K15A, K7D05A | Affected | Not Affected | 003.2220B or higher |
| HP ENVY Photo 7100 All-in-One Printer series | Z3M37A, K7G93A, Z3M52A, 3XD89A, K7G95A, K7G96A, K7G99A | Affected | Not Affected | 003.2220B or higher |
| HP ENVY Photo 7800 All-in-One Printer series | K7R96A, K7S00A, K7S08A, K7S01A | Affected | Not Affected | 003.2220B or higher |
| HP ENVY Pro 6400 All-in-One Printer series | 5SE46A, 6WD14A, 6WD16A, 5SE47A, 5SE45A, 5SE48A, 7XK12A, 5SE50A, 8QQ86A, 8QQ87A, 8QQ88A | Affected | Not Affected | 001.2214B or higher |
| HP OfficeJet 5200 All-in-One Printer series | M2U81A, Z4B29A, M2U81B, Z4B27A, M2U82B, Z4B28A, M2U84B, M2U82A, M2U75A, M2U84A, Z4B12A, Z4B13A, Z4B14A, Z4B18A | Affected | Not Affected | 2211A or higher |
| HP OfficeJet 6950 All-in-One Printer series | P4C78A, P4C85A, T3P03A, P4C86A, P4C81A, P4C82A, P4C84A | Affected | Affected | 001.2224A or higher |
| HP OfficeJet 6960 All-in-One Printer series | T0G25A, T0G26A | Affected | Affected | 001.2225A or higher |
| HP OfficeJet 8010 All-in-One Printer series | 1KR69A, 1KR58A | Affected | Not Affected | 001.2213A or higher |
| HP OfficeJet 8010e All-in-One Printer series | 228F5A | Affected | Not Affected | 004.2222A or higher |
| HP OfficeJet 8022 All-in-One Printer | 3UC65A | Affected | Not Affected | 001.2213A or higher |
| HP OfficeJet 8022e All-in-One Printer | 1K7K6A | Affected | Not Affected | 004.2222A or higher |
| HP OfficeJet Pro 6960 All-in-One Printer series | J7K33A, T0F30A, T0F32A, T0F38A, T0F31A, J7K37A, J7K38A, J7K35A, J7K39A, T0F28A, T0F36A | Affected | Affected | 001.2225A or higher |
| HP OfficeJet Pro 6970 All-in-One Printer series | J7K34A, T0F33A, T0F39A, T0F34A, T0F35A, J7K40A, J7K36A, J7K42A, J7K41A, T0F29A, T0F37A, T0F40A | Affected | Affected | 001.2225A or higher |
| HP OfficeJet Pro 7720 Wide Format All-in-One Printer series | G5J56A, Y0S18A | Affected | Affected | 003.2226A or higher |
| HP OfficeJet Pro 7730 Wide Format All-in-One Printer | L3T99A, Y0S19A | Affected | Affected | 003.2226A or higher |
| HP OfficeJet Pro 7740 Wide Format All-in-One Printer series | G5J38A, T1P99A | Affected | Affected | 002.2226A or higher |
| HP OfficeJet Pro 8020 All-in-One Printer series | 1KR62A, 5LJ17A, 5LJ18A, 5LJ19A, 1KR57A, 1KR61A | Affected | Not Affected | 001.2213A or higher |
| HP OfficeJet Pro 8020e All-in-One Printer series | 1K7K7A | Affected | Not Affected | 004.2222A or higher |
| HP OfficeJet Pro 8030 All-in-One Printer series | 1KR62A, 5LJ17A, 5LJ18A, 5LJ19A, 1KR57A, 1KR61A, 3UC64A | Affected | Not Affected | 001.2213A or higher |
| HP OfficeJet Pro 8030e All-in-One Printer series | 5LJ14A, 5LJ15A, 5LJ16A, 3UC66A, 4KJ65A, 5LJ23A | Affected | Not Affected | 004.2222A or higher |
| HP OfficeJet Pro 8035e All-in-One Printer | 1L0H6A, 1L0H7A, 1L0H8A | Affected | Not Affected | 004.2222A or higher |
| HP OfficeJet Pro 8210 Printer series | D9L63A, D9L64A, J3P65A, J3P66A, J3P67A, J3P68A, T0G70A | Affected | Affected | 001.2225B or higher |
| HP OfficeJet Pro 8710 All-in-One Printer series | D9L18A, M9L66A, M9L67A, T0G46A, J6X76A, J6X78A, J6X80A, K7S37A, M9L70A, J6X77A, J6X81A, J6X79A, K7S38A, T0G47A, T0G48A, T0G49A, M9L65A | Not Affected | Affected | 001.2224B or higher |
| HP OfficeJet Pro 8730 All-in-One Printer | D9L20A, K7S32A | Affected | Affected | 001.2225B or higher |
| HP OfficeJet Pro 8740 All-in-One Printer series | D9L21A, K7S42A, T0G65A, K7S39A, J6X83A, K7S43A, K7S40A, K7S41A | Affected | Affected | 001.2225B or higher |
| HP OfficeJet Pro 9010 All-in-One Printer series | 1KR46A, 3UK83A, 1KR49A, 1KR42A, 1KR45A, 3UK84A, 1KR48A, 1KR54A, 1KR55A | Affected | Not Affected | 002.2211C or higher |
| HP OfficeJet Pro 9010e All-in-One Printer series | 257G3A | Affected | Not Affected | 005.2210A or higher |
| HP OfficeJet Pro 9020 All-in-One Printer series | 1MR78A, 1MR66A, 1MR67A, 1MR69A, 1MR70A, 1MR71A, 1MR72A, 1MR73A, 1MR74A, 1MR75A, 1MR76A, 1MR77A, 1MR68A, 1MR79A | Affected | Not Affected | 002.2211C or higher |
| HP OfficeJet Pro 9020e All-in-One Printer series | 226Y9A, 1G5M0A | Affected | Not Affected | 005.2210A or higher |
| HP Smart Tank 510 Wireless All-in-One series / HP Smart Tank Plus 550 Wireless All-in-One series | 4SB23A, 3YW71A, 3YW74A, 1TJ09A, 3YW70A, 1TJ10A, 1TJ11A, 3YW73A, 6HF11A, 1TJ12A, 3YW72A, 3YW75A | Affected | Not Affected | 001.2219A or higher |
| HP Smart Tank 610 Wireless All-in-One series / HP Smart Tank Plus 650 Wireless All-in-One series | Y0F71A, Y0F72A, Y0F73A, 7XV38A, Y0F74A, 3YW48A, 3YW51A | Affected | Not Affected | 001.2219A or higher |
| HP Tango / HP Tango X | 3DP64A, 3DP65A, 3DP66A, 3YF56A, 3YF57A, 3YF58A, 3YF60A, 3YF61A, 2RY54A, 2RY55A, 2RY56A, 3YF65A, 3YF66A, 3YF67A, 3YF68A, 3YF69A, 3YF70A, 3YF59A | Affected | Not Affected | 2209A or higher |
List of Affected HP LaserJet Pro printers:
| Product Name | Product Number | CVE-2022-28721 (CVSS 9.8) | CVE-2022-28722 (CVSS 7.3) | Updated Firmware Version |
|---|---|---|---|---|
| HP PageWide 352dw Printer | J6U57A | Affected | Affected | 2228B or higher |
| HP PageWide 377dw Multifunction Printer | J9V80A | Affected | Affected | 2228B or higher |
| HP PageWide Managed P55250dw Printer series | J6U55A, J6U51B, J6U55B | Affected | Affected | 2228B or higher |
| HP PageWide Managed P57750dw Multifunction Printer | J9V82A | Affected | Affected | 2228B or higher |
| HP PageWide Managed P75050dn/dw | W1B28A, Y3Z45A W1B29A, Y3Z47A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77740dn Multifunction Printer | Y3Z57A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77740dw Multifunction Printer | W1B33A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77740z Multifunction Printer | W1B39A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77750z Multifunction Printer | W1B37A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77760z Multifunction Printer | W1B38A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 452dn Printer series | D3Q15A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 452dw Printer series | D3Q16A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 477dn Multifunction Printer series | D3Q19A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 477dw Multifunction Printer series | D3Q20A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 552dw Printer series | D3Q17A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 577 Multifunction Printer series | D3Q21A, K9Z76A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 750dn Printer | Y3Z44A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 750dw Printer | A7W93A, Y3Z46A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 772dn Multifunction Printer | Y3Z54A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 772dw Multifunction Printer | W1B31A | Affected | Affected | 006.2225A or higher |
List of Affected HP PageWide Pro printers:
| Product Name | Product Number | CVE-2022-28721 (CVSS 9.8) | CVE-2022-28722 (CVSS 7.3) | Updated Firmware Version |
|---|---|---|---|---|
| HP PageWide 352dw Printer | J6U57A | Affected | Affected | 2228B or higher |
| HP PageWide 377dw Multifunction Printer | J9V80A | Affected | Affected | 2228B or higher |
| HP PageWide Managed P55250dw Printer series | J6U55A, J6U51B, J6U55B | Affected | Affected | 2228B or higher |
| HP PageWide Managed P57750dw Multifunction Printer | J9V82A | Affected | Affected | 2228B or higher |
| HP PageWide Managed P75050dn/dw | W1B28A, Y3Z45A W1B29A, Y3Z47A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77740dn Multifunction Printer | Y3Z57A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77740dw Multifunction Printer | W1B33A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77740z Multifunction Printer | W1B39A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77750z Multifunction Printer | W1B37A | Affected | Affected | 006.2225A or higher |
| HP PageWide Managed P77760z Multifunction Printer | W1B38A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 452dn Printer series | D3Q15A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 452dw Printer series | D3Q16A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 477dn Multifunction Printer series | D3Q19A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 477dw Multifunction Printer series | D3Q20A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 552dw Printer series | D3Q17A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 577 Multifunction Printer series | D3Q21A, K9Z76A | Affected | Affected | 2228B or higher |
| HP PageWide Pro 750dn Printer | Y3Z44A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 750dw Printer | A7W93A, Y3Z46A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 772dn Multifunction Printer | Y3Z54A | Affected | Affected | 006.2225A or higher |
| HP PageWide Pro 772dw Multifunction Printer | W1B31A | Affected | Affected | 006.2225A or higher |
How to Fix CVE-2022-28721, A Critical RCE Vulnerability in HP Printer Devices?
The manifacturer has released the patched version of firmware to fix the vulnerabilities. The users of affected products are advised to upgrade the firmware to the latest patched version shown in the previous section.
HP offers periodic firmware updates for printers to address known issues and add new features. You must update the firmware on your printer to get all the latest updates.
There could be different ways to upgrade the firmware. Firmware upgradation using the printer control panel is the direct way to upgrade the firmware on the device itself which doesn’t require a computer to have. The second method is to upgrade the firmware using the printer update utility. This is the best way to go when you have multiple printers to upgrade the firmware. It is best for small to large size corporate networks. You can learn about upgrading firmware from here. However, we have tried covering both ways in this post so that you can have an idea about the upgradation process.
Here are two supported methods to update firmware on your printer.
Update the firmware via the printer control panel
Update the firmware via the HP Printer Update Utility
Method 1: Update The Firmware Via The Printer Control Panel
Use this method to update the firmware via the printer control panel and to set the printer to update the firmware with the availability of new updates automatically. However, the process varies based on the type of control panel the device has. The control panel can be any one of the following types. This method works well for homes or small businesses which will have hand countable number of printers. Watch this video to learn how to upgrade the firmware using this way.
Video Source: HPVideo Source: HP
Method 2: How To Update The Firmware Using HP Printer Update Utility?
Use this method to download and install the HP Printer Update Utility manually. This method is good for any small to large businesses which will have hundreds of printers in their facility.
How To Update The Firmware Using HP Printer Update Utility?
Step 1. Download the firmware file
1. Go to HP Support and click Software and Drivers and then Printer.
2. Type the printer name in the search field and select Submit.
3. Locate the Firmware Update in the Firmware section.
4. Click Download and save the file to the system.
Step 2. Prepare for the Update
1. Print the printer status page or network setting page to check the current firmware version.
2. Press OK to display the Home screen on the printer control panel.
3. Use Arrow buttons to navigate to Setup and press OK.
4. Open the Reports menu.
5. Choose either Printer Network Configuration Report to print the Network settings page or select Printer status report.
6. Note installed firmware version.
Step 3. Update the firmware
Follow these steps to update the firmware on Windows.
1. Navigate to the location where the .exe file is located.
2. Double-click the file to initiate the upgrade process.
3. Wait for the utility to detect printers connected to the PC via network or USB.
4. Select the printers for which the firmware update is required and select Update.
5. Wait for the printer to reboot to a Ready state after completing the download. It will reboot automatically.
6. Print a Printer Network Configuration Report to verify that the printer firmware update was successful, and then click the firmware version.
7. Click the OK button to close the utility.
Click here for more information.
We hope this post would help you know how to fix CVE-2022-28721, a critical RCE vulnerability in HP printer devices. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram, and subscribe to receive updates like this.
Arun KL
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
- April 18, 2024
Learn Something New with Free Email subscription
Learn Something New with Free Email subscription
Subscribe
Subscribe
Subscribe
Subscribe
- April 18, 2024
