Vulnerability CVE-2011-4161
Published: 2011-12-01   Modified: 2012-02-13

Description:
The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
HP -> Color laserjet cp5525 
HP -> Laserjet enterprise m4555 
HP -> Color laserjet 3000 
HP -> Color laserjet cp6015 
HP -> Laserjet enterprise p3015 
HP -> Color laserjet 3800 
HP -> Color laserjet enterprise cp4520 
HP -> Laserjet m3035 
HP -> Color laserjet 4700 
HP -> Color laserjet enterprise cp4525 
HP -> Laserjet m5035 
HP -> Color laserjet 4730 
HP -> Color mfp cm8060 
HP -> Laserjet m9040 
HP -> Color laserjet 4730 mfp 
HP -> Digital sender 9200c 
HP -> Laserjet m9050 
HP -> Color laserjet 5550 
HP -> Digital sender 9250c 
HP -> Laserjet p3005 
HP -> Color laserjet 9500 
HP -> Laserjet 4240 
HP -> Laserjet p4014 
HP -> Color laserjet cm3530 
HP -> Laserjet 4250 
HP -> Laserjet p4015 
HP -> Color laserjet cm4540 
HP -> Laserjet 4345 mfp 
HP -> Laserjet p4515 
HP -> Color laserjet cm4730 
HP -> Laserjet 4350 
HP -> Color laserjet cm6030 
HP -> Laserjet 5200 
HP -> Color laserjet cm6040 
HP -> Laserjet 9040 
HP -> Color laserjet cp3505 
HP -> Laserjet 9050 
HP -> Color laserjet cp3525 
HP -> Laserjet enterprise 500 color 
HP -> Color laserjet cp4005 
HP -> Laserjet enterprise 600 

 References:
https://lists.immunityinc.com/pipermail/dailydave/2011-November/000378.html
http://www.securityfocus.com/bid/51324
http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say
http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449
Copyright 2024, cxsecurity.com

 

Back to Top