As if following on the heels of this recent report, independent security researcher Sebastián Guerrero released findings that outline multiple vulnerabilities in Hewlett-Packard’s JetDirect server software. JetDirect server software is often embedded within HP printing systems to make printing easier for users and administrators alike. Guerrero’s findings, however, demonstrate that a third group of individuals may also benefit from the embedded software: hackers.
After examining packets of data being sent to and from the printer, Guerrero was able to locate tags within the UEL (Universal Exit Language), PJL (Printer Job Language), and PCL (Printer Control Language) sections of the print job that, if modified by an attacker, could be used to exploit vulnerabilities within the JetDirect software. Exploits range from bypassing job-based accounting authorization systems on the printer itself to potentially turning the printer into a useless brick until a USB firmware reload is performed. Neither outcome is desirable, particularly for users in a high-volume, corporate environment where costs may be incurred both in terms of lost productivity and repairs.
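Because the tags in question travel inside the print job itself, a spooler or print server can inspect the job before it reaches the printer. The following is an added example, not code from Guerrero or HP: it reads the PJL lines that follow each UEL marker and flags any command outside an allowlist. The allowlist, the function names and the sample jobs are assumptions constructed for illustration.

```python
import re

UEL = b"\x1b%-12345X"  # Universal Exit Language sequence delimiting PJL sections
ENTER_RE = re.compile(r"@PJL\s+ENTER\s+LANGUAGE", re.I)
# Assumed site policy (hypothetical): the only PJL commands spooled jobs may carry.
ALLOWED_PJL = {"JOB", "SET", "COMMENT", "ENTER", "EOJ"}

def pjl_lines(job: bytes):
    """Return the @PJL lines that lead each UEL-delimited segment of a raw job."""
    if not job.startswith(UEL):
        raise ValueError("job does not start with UEL")
    lines = []
    for segment in job.split(UEL)[1:]:
        pos = 0
        while segment.startswith(b"@PJL", pos):
            end = segment.find(b"\n", pos)
            end = len(segment) if end == -1 else end + 1
            line = segment[pos:end].strip().decode("ascii", "replace")
            lines.append(line)
            pos = end
            if ENTER_RE.match(line):  # the rest of the segment is PCL page data
                break
    return lines

def audit_job(job: bytes):
    """Return a list of findings; an empty list means the job fits the policy."""
    try:
        lines = pjl_lines(job)
    except ValueError as exc:
        return [str(exc)]
    findings = []
    for line in lines:
        parts = line.split()
        cmd = parts[1].upper() if len(parts) > 1 else ""  # bare "@PJL" is a no-op
        if parts[0] != "@PJL" or (cmd and cmd not in ALLOWED_PJL):
            findings.append(f"PJL command outside allowlist: {line}")
    return findings

# Constructed sample jobs (not captured traffic); XCUSTOM is a made-up command name.
PCL_PAGE = b"\x1bEconstructed page data\x1bE"
GOOD_JOB = (UEL + b'@PJL JOB NAME="report"\r\n@PJL SET COPIES=1\r\n'
            b"@PJL ENTER LANGUAGE=PCL\r\n" + PCL_PAGE + UEL + b"@PJL EOJ\r\n" + UEL)
ODD_JOB = GOOD_JOB.replace(b"@PJL SET COPIES=1", b"@PJL XCUSTOM VALUE=1")

if __name__ == "__main__":
    for name, job in (("good", GOOD_JOB), ("odd", ODD_JOB), ("raw", PCL_PAGE)):
        print(name, audit_job(job) or "ok")
```

The check only reads PJL lines at the start of a segment, so binary page data that happens to contain the text `@PJL` is not misread as a command.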
Guerrero did not specify which models may be affected by the vulnerabilities, though in theory any unit using JetDirect software is vulnerable. HP itself has not commented on the findings, but following multiple similar public disclosures in the past, HP released this document in an attempt to allay the fears of worried consumers by helping them secure their printers. As the document states, all JetDirect firmware should be completely up to date, an embedded web server password should be set, SNMP community names should be changed from the default, and all unnecessary network protocols should be disabled. Following these procedures should provide at least a stable level of security for the printer, though further steps can be taken to guard against future exploits.