HP could take up to three months to patch a critical vulnerability in HP Enterprise LaserJet and HP LaserJet Managed printers

HP logo

HP has issued a security warning about a vulnerability which affects numerous HP Enterprise LaserJet and HP LaserJet Managed printers. The flaw is tracked as CVE-2023-1707 is described as "critical" having been assigned a CVSS rating of 9.1.

Despite the severity of the bug -- which HP says could lead to "information disclosure when IPsec is enabled with FutureSmart version 5.6" -- it could take up to 90 days to issue a fix. However, the company has provided a temporary firmware mitigation.

See also:

At this stage, HP is sharing little in the way of detail about the flaw, saying simply: "Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6".

In a security bulletin posted to its support site, the company says:

HP has provided a temporary firmware mitigation for customers currently running FutureSmart 5.6 with IPsec enabled on potentially impacted products. HP recommends immediately reverting to a prior version of the firmware (FutureSmart version 5.5.0.3). Updated firmware to address the issue is expected within 90 days.

To obtain the recommended firmware listed below, go to the HP Customer Support - Software and Driver Downloads, and then search for your printer model.

Details of the affected printers can be found here.

Image credit: rclassenlayouts / depositphotos

One Response to HP could take up to three months to patch a critical vulnerability in HP Enterprise LaserJet and HP LaserJet Managed printers

  1. Pingback: HP Enterprise LaserJet and HP LaserJet Managed Printer Critical Vulnerability Patching Could Take Up to Three Months – NEUS CORP

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.