HP近50款印表機爆遠端程式碼攻擊漏洞,本周將釋出韌體更新
HP將在本周內釋出印表機韌體,以修補一隻可能引發遠端程式碼執行的漏洞。
名為CVE-2017-2750的漏洞是由NTT Security的Stephen Breen發現並通報HP。該漏洞存在於HP產品韌體中,會導致DLL簽章驗證不足,造成任意程式碼遠端執行。漏洞風險等級被列為高度。
多款HP產品系列受到影響,包括LaserJet彩雷印表機產品近40款、多功能印表機PageWide 10多款、2款噴墨印表機產品OfficeJet、掃描器ScanJet產品1款及文件擷取工作站產品Digital Sender Flow等。
目前HP正在加緊製作修補程式,預定本周內正式釋出供用戶下載。
Product Name
|
Model Number
|
Firmware Revision
|
HP Color LaserJet Enterprise M651
|
CZ255A, CZ256A, CZ257A, CZ258A
|
v 2405129_000047 (or higher)
|
HP Color LaserJet Enterprise M652
|
J7Z98A, J7Z99A
|
v 2405130_000068 (or higher)
|
HP Color LaserJet Enterprise M653
|
J8A04A, J8A05A, J8A06A
|
v 2405130_000068 (or higher)
|
HP Color LaserJet Enterprise MFP M577
|
B5L46A, B5L47A, B5L48A
|
v 2405129_000038 (or higher)
|
HP Color LaserJet Enterprise M552
|
B5L23A, B5L23V
|
v 2308903_577315 (or higher)
|
HP Color LaserJet Enterprise M553
|
B5L24A, B5L25A, B5L26A, B5L27A, B5L38A
|
v 2308903_577315 (or higher)
|
HP Color LaserJet M680
|
CZ250A, CA251A
|
v 2405129_000042 (or higher)
|
HP Color LaserJet Managed E65050
|
L3U55A
|
v 2405130_000068 (or higher)
|
HP Color LaserJet Managed E65060
|
L3U56A, L3U57A
|
v 2405130_000068 (or higher)
|
HP LaserJet Enterprise 500 color MFP M575
|
CD644A, CD645A
|
v 2405129_000045 (or higher)
|
HP LaserJet Enterprise 500 MFP M525
|
CF116A, CF117A
|
v 2405129_000048 (or higher)
|
HP LaserJet Enterprise 700 color MFP M775
|
CF304A, CC523A, CC524C, CC522A, L3U49A, L3U50A
|
v 2405129_000061 (or higher)
|
HP LaserJet Enterprise 800 color M855
|
A2W77A, A2W78A, A2W79A
|
v 2405129_000057 (or higher)
|
HP LaserJet Enterprise 800 color MFP M880
|
A2W76A, A2W75A, D7P70A, D7P71A
|
v 2405129_000054 (or higher)
|
HP LaserJet Enterprise color flow MFP M575
|
CD646A
|
v 2405129_000045 (or higher)
|
HP LaserJet Enterprise flow M830z MFP
|
CF367A
|
v 2405129_000060 (or higher)
|
HP LaserJet Enterprise flow MFP M525
|
CF118A
|
v 2405129_000048 (or higher)
|
HP LaserJet Enterprise Flow MFP M630
|
B3G85A
|
v 2405129_000040 (or higher)
|
HP LaserJet Enterprise Flow MFP M631
|
J8J64A
|
v 2405129_000041 (or higher)
|
HP LaserJet Enterprise Flow MFP M632
|
J8J72A
|
v 2405129_000041 (or higher)
|
HP LaserJet Enterprise Flow MFP M633
|
J8J78A
|
v 2405129_000041 (or higher)
|
HP LaserJet Enterprise M527
|
F2A76A, F2A77A, F2A81A
|
v 2405129_000039 (or higher)
|
HP LaserJet Enterprise M607
|
K0Q14A, K0Q15A
|
v 2405130_000069 (or higher)
|
HP LaserJet Enterprise M608
|
K0Q17A, K0Q18A, M0P32A, K0Q19A
|
v 2405130_000069 (or higher)
|
HP LaserJet Enterprise M609
|
K0Q20A, K0Q21A, K0Q22A
|
v 2405130_000069 (or higher)
|
HP LaserJet Enterprise M806
|
CZ244A, CZ245A
|
v 2405129_000059 (or higher)
|
HP LaserJet Enterprise MFP M630
|
J7X28A
|
v 2405129_000040 (or higher)
|
HP LaserJet Enterprise MFP M631
|
J8J63A, J8J65A
|
v 2405129_000041 (or higher)
|
HP LaserJet Enterprise MFP M632
|
J8J70A, J8J71A
|
v 2405129_000041 (or higher)
|
HP LaserJet Enterprise MFP M633
|
J8J76A
|
v 2405129_000041 (or higher)
|
HP LaserJet Enterprise MFP M725
|
CF066A, CF067A, CF068A, CF069A
|
v 2405129_000058 (or higher)
|
HP LaserJet Managed E60055
|
M0P33A
|
v 2405130_000069 (or higher)
|
HP LaserJet Managed E60065
|
M0P35A, M0P36A
|
v 2405130_000069 (or higher)
|
HP LaserJet Managed E60075
|
M0P39A, M0P40A
|
v 2405130_000069 (or higher)
|
HP LaserJet Managed Flow MFP E62555
|
J8J67A
|
v 2405129_000041 (or higher)
|
HP LaserJet Managed Flow MFP E62565
|
J8J74A, J8J79A
|
v 2405129_000041 (or higher)
|
HP LaserJet Managed Flow MFP E62575
|
J8J80A
|
v 2405129_000041 (or higher)
|
HP LaserJet Managed MFP E62555
|
J8J66A
|
v 2405129_000041 (or higher)
|
HP LaserJet Managed MFP E62565
|
J8J73A
|
v 2405129_000041 (or higher)
|
HP OfficeJet Enterprise Color Flow MFP X585
|
B5L06A, B5L06V, ,B5L07A
|
v 2405129_000050 (or higher)
|
HP OfficeJet Enterprise Color MFP X585
|
B5L04A, B5L04V, B5L05A, B5L05V
|
v 2405129_000050 (or higher)
|
HP PageWide Enterprise Color 765
|
J7Z04A
|
v 2405087_018564 (or higher)
|
HP PageWide Enterprise Color MFP 586
|
G1W39A, G1W39V, G1W40A, G1W40V
|
v 2405129_000066 (or higher)
|
HP PageWide Enterprise Color MPF 780
|
J7Z09A, J7Z10A
|
v 2405087_018548 (or higher)
|
HP PageWide Enterprise Color MPF 785
|
J7Z11A, J7Z12A
|
v 2405087_018548 (or higher)
|
HP PageWide Enterprise Color X556
|
G1W46A, G1W46V, G1W47A, G1W47V, L3U44A
|
v 2405129_000051 (or higher)
|
HP PageWide Managed Color E55650
|
L3U44A
|
v 2405129_000051 (or higher)
|
HP PageWide Managed Color E75160
|
J7Z06A
|
v 2405087_018564 (or higher)
|
HP PageWide Managed Color Flow MFP 586
|
G1W41A, G1W41V
|
v 2405129_000066 (or higher)
|
HP PageWide Managed Color Flow MFP E77650
|
J7Z08A, J7Z14A
|
v 2405087_018548 (or higher)
|
HP PageWide Managed Color Flow MFP E77660
|
Z5G77A, J7Z03A, J7Z07A, J7Z05A
|
v 2405087_018548 (or higher)
|
HP PageWide Managed Color MFP E77650
|
J7Z13A, Z5G79A
|
v 2405087_018548 (or higher)
|
HP ScanJet Enterprise Flow N9120 Doc Flatbed Scanner
|
L2683A
|
v 2405087_018552 (or higher)
|
HP Digital Sender Flow 8500 fn2 Doc Capture Workstation
|
L2762A
|
v 2405087_018553 (or higher)
|
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.