April 5, 2023
HP Discovers Critical Vulnerability in LaserJet Printers
HP has released an advisory addressing critical vulnerability affecting certain models of HP Enterprise LaserJet and HP LaserJet Managed Printers when IPsec protocol is enabled with FutureSmart firmware version 5.6.
- CVE-2023-1707 (CVSS 3.1: 9.1, Critical) – An information disclosure vulnerability. Exploitation of this vulnerability could lead to potential information leak.
For a full list of affected products review the official advisory HPSBPl03838.
At the moment there is no patch available, but in order to mitigate this vulnerability, CYREBRO recommends to downgrade FutureSmart firmware version to FS 18.104.22.168.
References: HP Advisory HPSBPI03838