HP has addressed two vulnerabilities of which one is RCE vulnerability rated Critical and the second is ACE vulnerability rated high in severity. Attackers can abuse these buffer overflow vulnerabilities to perform remote code execution and arbitrary code execution on vulnerable printer modules. Since the critical flaw is rated 9.8 on the CVSS scale and allows to execution of malicious code from remote, it’s important to know how to fix CVE-2022-28721, a critical RCE vulnerability in HP printer devices. The vendor has covered both the flaws in a security advisory to protect your printers against these vulnerabilities. Let’s see what is there in the advisory and see how to apply the patches to your printer modules.
Let’s start the post from the summary of the vulnerabilities and see how to fix CVE-2022-28721, a critical RCE vulnerability in HP printer devices.
HP released a security advisory on 21st, Sep. That it disclosed two Buffer Overflow vulnerabilities, one is Critical with a CVSS score of 9.8 and another one is High in severity with 7.1 CVSS scores. These flaws are due to improper bound checking that allows an attacker to overflow a buffer and execute arbitrary code on the affected printer devices.
The critical flaw allows an attacker to execute code over the network and the high severity flaw needs authentication and physical access to execute the code. There are no technical details were published on the flaws to lower the attack possibility.
Associated CVE ID | CVE-2022-28721 |
Description | A Remote Code Execution Vulnerability in HP Printer Devices |
Associated ZDI ID | – |
CVSS Score | 9.8 Critical |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Impact Score | – |
Exploitability Score | – |
Attack Vector (AV) | Network |
Attack Complexity (AC) | Low |
Privilege Required (PR) | None |
User Interaction (UI) | None |
Scope | Unchanged |
Confidentiality (C) | High |
Integrity (I) | High |
availability (a) | High |
Associated CVE ID | CVE-2022-28722 |
Description | A Arbitrary Code Execution Vulnerability in HP Printer Devices |
Associated ZDI ID | – |
CVSS Score | 7.1 High |
Vector | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H |
Impact Score | – |
Exploitability Score | – |
Attack Vector (AV) | Physical |
Attack Complexity (AC) | HighFGH |
Privilege Required (PR) | None |
User Interaction (UI) | None |
Scope | Changed |
Confidentiality (C) | High |
Integrity (I) | High |
availability (a) | High |
HP said that there are a long list of printer devices are affected by these vulnerabilities. The list has more than 60 printer modules. Please find the products affected by these vulnerabilities and patched firmware version that fixes the vulnerabilities. Please don’t forget to see the updated list here.
We urge you to carefully go through the table and list out the vulnerabilities identified in your modules and upgrade the firmware to the resolved version or the latest available for download.
Caution: We always recommend reading the product guide or contacting the vendor support team before upgrading firmware. A wrong firmware upgrade may either break your device or lead to permanent damage.
Product Name | Product Number | CVE-2022-28721 (CVSS 9.8) | CVE-2022-28722 (CVSS 7.3) | Updated Firmware Version |
---|---|---|---|---|
HP DeskJet Ink Advantage 5000 All-in-One Printer series | M2U86A, M2U86B, M2U86C, M2U87A, M2U87B, M2U88B, M2U89B | Affected | Not Affected | 2211A or higher |
HP DeskJet Ink Advantage 5200 All-in-One Printer series | M2U76A, M2U77A | Affected | Not Affected | 2211C or higher |
HP DeskJet Plus Ink Advantage 6000 All-in-One Printer series | 5SE522A | Affected | Not Affected | 001.2214A or higher |
HP DeskJet Plus Ink Advantage 6400 All-in-One Printer series | 5SD78A, 5SD79A | Affected | Not Affected | 001.2214A or higher |
HP ENVY 5000 All-in-One Printer series | M2U85B, Z4A59A, Z4A71A, M2U91B, Z4A69A, M2U92B, Z4A70A, M2U94B, Z4A73A, Z4A74A, M2U91A, M2U92A, M2U85A, M2U94A, Z4A54A, Z4A60A, Z4A61A, Z4A61B | Affected | Not Affected | 2211C or higher |
HP ENVY 6000 All-in-One Printer series | 5SE17A, 6WD35A, 7CZ37A, 5SE18A, 5SE16A, 5SE19A, 5SE20A, 8QQ97A, 8QQ98A, 8QQ99A | Affected | Not Affected | 001.2214B or higher |
HP ENVY 6000e All-In-One Printer series | 223N6A, 2K4V8A, 2K4W1A, 2K4W2A, 223N2A, 223N1A, 223N5A, 223N9A | Affected | Not Affected | 001.2216A or higher |
HP ENVY 6400e All-In-One Printer series | 223R6A, 2K5L5A, 223R2A, 223R1A, 223R3A, 223R9A | Affected | Not Affected | 001.2216A or higher |
HP ENVY Photo 6200 All-in-One Printer series | K7G22A, K7G18A, K7G23A, Y0K15A, K7D05A | Affected | Not Affected | 003.2220B or higher |
HP ENVY Photo 7100 All-in-One Printer series | Z3M37A, K7G93A, Z3M52A, 3XD89A, K7G95A, K7G96A, K7G99A | Affected | Not Affected | 003.2220B or higher |
HP ENVY Photo 7800 All-in-One Printer series | K7R96A, K7S00A, K7S08A, K7S01A | Affected | Not Affected | 003.2220B or higher |
HP ENVY Pro 6400 All-in-One Printer series | 5SE46A, 6WD14A, 6WD16A, 5SE47A, 5SE45A, 5SE48A, 7XK12A, 5SE50A, 8QQ86A, 8QQ87A, 8QQ88A | Affected | Not Affected | 001.2214B or higher |
HP OfficeJet 5200 All-in-One Printer series | M2U81A, Z4B29A, M2U81B, Z4B27A, M2U82B, Z4B28A, M2U84B, M2U82A, M2U75A, M2U84A, Z4B12A, Z4B13A, Z4B14A, Z4B18A | Affected | Not Affected | 2211A or higher |
HP OfficeJet 6950 All-in-One Printer series | P4C78A, P4C85A, T3P03A, P4C86A, P4C81A, P4C82A, P4C84A | Affected | Affected | 001.2224A or higher |
HP OfficeJet 6960 All-in-One Printer series | T0G25A, T0G26A | Affected | Affected | 001.2225A or higher |
HP OfficeJet 8010 All-in-One Printer series | 1KR69A, 1KR58A | Affected | Not Affected | 001.2213A or higher |
HP OfficeJet 8010e All-in-One Printer series | 228F5A | Affected | Not Affected | 004.2222A or higher |
HP OfficeJet 8022 All-in-One Printer | 3UC65A | Affected | Not Affected | 001.2213A or higher |
HP OfficeJet 8022e All-in-One Printer | 1K7K6A | Affected | Not Affected | 004.2222A or higher |
HP OfficeJet Pro 6960 All-in-One Printer series | J7K33A, T0F30A, T0F32A, T0F38A, T0F31A, J7K37A, J7K38A, J7K35A, J7K39A, T0F28A, T0F36A | Affected | Affected | 001.2225A or higher |
HP OfficeJet Pro 6970 All-in-One Printer series | J7K34A, T0F33A, T0F39A, T0F34A, T0F35A, J7K40A, J7K36A, J7K42A, J7K41A, T0F29A, T0F37A, T0F40A | Affected | Affected | 001.2225A or higher |
HP OfficeJet Pro 7720 Wide Format All-in-One Printer series | G5J56A, Y0S18A | Affected | Affected | 003.2226A or higher |
HP OfficeJet Pro 7730 Wide Format All-in-One Printer | L3T99A, Y0S19A | Affected | Affected | 003.2226A or higher |
HP OfficeJet Pro 7740 Wide Format All-in-One Printer series | G5J38A, T1P99A | Affected | Affected | 002.2226A or higher |
HP OfficeJet Pro 8020 All-in-One Printer series | 1KR62A, 5LJ17A, 5LJ18A, 5LJ19A, 1KR57A, 1KR61A | Affected | Not Affected | 001.2213A or higher |
HP OfficeJet Pro 8020e All-in-One Printer series | 1K7K7A | Affected | Not Affected | 004.2222A or higher |
HP OfficeJet Pro 8030 All-in-One Printer series | 1KR62A, 5LJ17A, 5LJ18A, 5LJ19A, 1KR57A, 1KR61A, 3UC64A | Affected | Not Affected | 001.2213A or higher |
HP OfficeJet Pro 8030e All-in-One Printer series | 5LJ14A, 5LJ15A, 5LJ16A, 3UC66A, 4KJ65A, 5LJ23A | Affected | Not Affected | 004.2222A or higher |
HP OfficeJet Pro 8035e All-in-One Printer | 1L0H6A, 1L0H7A, 1L0H8A | Affected | Not Affected | 004.2222A or higher |
HP OfficeJet Pro 8210 Printer series | D9L63A, D9L64A, J3P65A, J3P66A, J3P67A, J3P68A, T0G70A | Affected | Affected | 001.2225B or higher |
HP OfficeJet Pro 8710 All-in-One Printer series | D9L18A, M9L66A, M9L67A, T0G46A, J6X76A, J6X78A, J6X80A, K7S37A, M9L70A, J6X77A, J6X81A, J6X79A, K7S38A, T0G47A, T0G48A, T0G49A, M9L65A | Not Affected | Affected | 001.2224B or higher |
HP OfficeJet Pro 8730 All-in-One Printer | D9L20A, K7S32A | Affected | Affected | 001.2225B or higher |
HP OfficeJet Pro 8740 All-in-One Printer series | D9L21A, K7S42A, T0G65A, K7S39A, J6X83A, K7S43A, K7S40A, K7S41A | Affected | Affected | 001.2225B or higher |
HP OfficeJet Pro 9010 All-in-One Printer series | 1KR46A, 3UK83A, 1KR49A, 1KR42A, 1KR45A, 3UK84A, 1KR48A, 1KR54A, 1KR55A | Affected | Not Affected | 002.2211C or higher |
HP OfficeJet Pro 9010e All-in-One Printer series | 257G3A | Affected | Not Affected | 005.2210A or higher |
HP OfficeJet Pro 9020 All-in-One Printer series | 1MR78A, 1MR66A, 1MR67A, 1MR69A, 1MR70A, 1MR71A, 1MR72A, 1MR73A, 1MR74A, 1MR75A, 1MR76A, 1MR77A, 1MR68A, 1MR79A | Affected | Not Affected | 002.2211C or higher |
HP OfficeJet Pro 9020e All-in-One Printer series | 226Y9A, 1G5M0A | Affected | Not Affected | 005.2210A or higher |
HP Smart Tank 510 Wireless All-in-One series / HP Smart Tank Plus 550 Wireless All-in-One series | 4SB23A, 3YW71A, 3YW74A, 1TJ09A, 3YW70A, 1TJ10A, 1TJ11A, 3YW73A, 6HF11A, 1TJ12A, 3YW72A, 3YW75A | Affected | Not Affected | 001.2219A or higher |
HP Smart Tank 610 Wireless All-in-One series / HP Smart Tank Plus 650 Wireless All-in-One series | Y0F71A, Y0F72A, Y0F73A, 7XV38A, Y0F74A, 3YW48A, 3YW51A | Affected | Not Affected | 001.2219A or higher |
HP Tango / HP Tango X | 3DP64A, 3DP65A, 3DP66A, 3YF56A, 3YF57A, 3YF58A, 3YF60A, 3YF61A, 2RY54A, 2RY55A, 2RY56A, 3YF65A, 3YF66A, 3YF67A, 3YF68A, 3YF69A, 3YF70A, 3YF59A | Affected | Not Affected | 2209A or higher |
Product Name | Product Number | CVE-2022-28721 (CVSS 9.8) | CVE-2022-28722 (CVSS 7.3) | Updated Firmware Version |
---|---|---|---|---|
HP PageWide 352dw Printer | J6U57A | Affected | Affected | 2228B or higher |
HP PageWide 377dw Multifunction Printer | J9V80A | Affected | Affected | 2228B or higher |
HP PageWide Managed P55250dw Printer series | J6U55A, J6U51B, J6U55B | Affected | Affected | 2228B or higher |
HP PageWide Managed P57750dw Multifunction Printer | J9V82A | Affected | Affected | 2228B or higher |
HP PageWide Managed P75050dn/dw | W1B28A, Y3Z45A W1B29A, Y3Z47A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77740dn Multifunction Printer | Y3Z57A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77740dw Multifunction Printer | W1B33A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77740z Multifunction Printer | W1B39A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77750z Multifunction Printer | W1B37A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77760z Multifunction Printer | W1B38A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 452dn Printer series | D3Q15A | Affected | Affected | 2228B or higher |
HP PageWide Pro 452dw Printer series | D3Q16A | Affected | Affected | 2228B or higher |
HP PageWide Pro 477dn Multifunction Printer series | D3Q19A | Affected | Affected | 2228B or higher |
HP PageWide Pro 477dw Multifunction Printer series | D3Q20A | Affected | Affected | 2228B or higher |
HP PageWide Pro 552dw Printer series | D3Q17A | Affected | Affected | 2228B or higher |
HP PageWide Pro 577 Multifunction Printer series | D3Q21A, K9Z76A | Affected | Affected | 2228B or higher |
HP PageWide Pro 750dn Printer | Y3Z44A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 750dw Printer | A7W93A, Y3Z46A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 772dn Multifunction Printer | Y3Z54A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 772dw Multifunction Printer | W1B31A | Affected | Affected | 006.2225A or higher |
Product Name | Product Number | CVE-2022-28721 (CVSS 9.8) | CVE-2022-28722 (CVSS 7.3) | Updated Firmware Version |
---|---|---|---|---|
HP PageWide 352dw Printer | J6U57A | Affected | Affected | 2228B or higher |
HP PageWide 377dw Multifunction Printer | J9V80A | Affected | Affected | 2228B or higher |
HP PageWide Managed P55250dw Printer series | J6U55A, J6U51B, J6U55B | Affected | Affected | 2228B or higher |
HP PageWide Managed P57750dw Multifunction Printer | J9V82A | Affected | Affected | 2228B or higher |
HP PageWide Managed P75050dn/dw | W1B28A, Y3Z45A W1B29A, Y3Z47A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77740dn Multifunction Printer | Y3Z57A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77740dw Multifunction Printer | W1B33A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77740z Multifunction Printer | W1B39A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77750z Multifunction Printer | W1B37A | Affected | Affected | 006.2225A or higher |
HP PageWide Managed P77760z Multifunction Printer | W1B38A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 452dn Printer series | D3Q15A | Affected | Affected | 2228B or higher |
HP PageWide Pro 452dw Printer series | D3Q16A | Affected | Affected | 2228B or higher |
HP PageWide Pro 477dn Multifunction Printer series | D3Q19A | Affected | Affected | 2228B or higher |
HP PageWide Pro 477dw Multifunction Printer series | D3Q20A | Affected | Affected | 2228B or higher |
HP PageWide Pro 552dw Printer series | D3Q17A | Affected | Affected | 2228B or higher |
HP PageWide Pro 577 Multifunction Printer series | D3Q21A, K9Z76A | Affected | Affected | 2228B or higher |
HP PageWide Pro 750dn Printer | Y3Z44A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 750dw Printer | A7W93A, Y3Z46A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 772dn Multifunction Printer | Y3Z54A | Affected | Affected | 006.2225A or higher |
HP PageWide Pro 772dw Multifunction Printer | W1B31A | Affected | Affected | 006.2225A or higher |
The manifacturer has released the patched version of firmware to fix the vulnerabilities. The users of affected products are advised to upgrade the firmware to the latest patched version shown in the previous section.
HP offers periodic firmware updates for printers to address known issues and add new features. You must update the firmware on your printer to get all the latest updates.
There could be different ways to upgrade the firmware. Firmware upgradation using the printer control panel is the direct way to upgrade the firmware on the device itself which doesn’t require a computer to have. The second method is to upgrade the firmware using the printer update utility. This is the best way to go when you have multiple printers to upgrade the firmware. It is best for small to large size corporate networks. You can learn about upgrading firmware from here. However, we have tried covering both ways in this post so that you can have an idea about the upgradation process.
Here are two supported methods to update firmware on your printer.
Update the firmware via the printer control panel
Update the firmware via the HP Printer Update Utility
Use this method to update the firmware via the printer control panel and to set the printer to update the firmware with the availability of new updates automatically. However, the process varies based on the type of control panel the device has. The control panel can be any one of the following types. This method works well for homes or small businesses which will have hand countable number of printers. Watch this video to learn how to upgrade the firmware using this way.
Video Source: HPVideo Source: HP
Use this method to download and install the HP Printer Update Utility manually. This method is good for any small to large businesses which will have hundreds of printers in their facility.
1. Go to HP Support and click Software and Drivers and then Printer.
2. Type the printer name in the search field and select Submit.
3. Locate the Firmware Update in the Firmware section.
4. Click Download and save the file to the system.
1. Print the printer status page or network setting page to check the current firmware version.
2. Press OK to display the Home screen on the printer control panel.
3. Use Arrow buttons to navigate to Setup and press OK.
4. Open the Reports menu.
5. Choose either Printer Network Configuration Report to print the Network settings page or select Printer status report.
6. Note installed firmware version.
Follow these steps to update the firmware on Windows.
1. Navigate to the location where the .exe file is located.
2. Double-click the file to initiate the upgrade process.
3. Wait for the utility to detect printers connected to the PC via network or USB.
4. Select the printers for which the firmware update is required and select Update.
5. Wait for the printer to reboot to a Ready state after completing the download. It will reboot automatically.
6. Print a Printer Network Configuration Report to verify that the printer firmware update was successful, and then click the firmware version.
7. Click the OK button to close the utility.
Click here for more information.
We hope this post would help you know how to fix CVE-2022-28721, a critical RCE vulnerability in HP printer devices. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram, and subscribe to receive updates like this.
You may also like these articles:
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”
"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.
BurpGPT is a cutting-edge Burp Suite extension that harnesses the power of OpenAI's language models to revolutionize web application security testing. With customizable prompts and advanced AI capabilities, BurpGPT enables security professionals to uncover bespoke vulnerabilities, streamline assessments, and stay ahead of evolving threats.
PentestGPT, developed by Gelei Deng and team, revolutionizes penetration testing by harnessing AI power. Leveraging OpenAI's GPT-4, it automates and streamlines the process, making it efficient and accessible. With advanced features and interactive guidance, PentestGPT empowers testers to identify vulnerabilities effectively, representing a significant leap in cybersecurity.
Tenable BurpGPT is a powerful Burp Suite extension that leverages OpenAI's advanced language models to analyze HTTP traffic and identify potential security risks. By automating vulnerability detection and providing AI-generated insights, BurpGPT dramatically reduces manual testing efforts for security researchers, developers, and pentesters.
Microsoft Security Copilot is a revolutionary AI-powered security solution that empowers cybersecurity professionals to identify and address potential breaches effectively. By harnessing advanced technologies like OpenAI's GPT-4 and Microsoft's extensive threat intelligence, Security Copilot streamlines threat detection and response, enabling defenders to operate at machine speed and scale.