Remote Denial of Service (DoS)
A potential security vulnerability has been identified with the remote upgrade capability of Laserjet printers. This vulnerability could be exploited remotely to create a Denial of Service (DoS).
The following procedure can be used to avoid the vulnerability:
1. Using the techniques described here, securely configure the networked printer:
<https://support.hp.com/us-en/document/bpj05999>
2. Disable the upgrade capability of the printer via SNMP, setting the remote-upgrade-enable object to an integer value of 1:
1.3.6.1.4.1.11.2.3.9.4.2.1.1.20.8.0
remote-upgrade-enable OBJECT-TYPE
SYNTAX INTEGER {
eOff(1),
eOn(2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION "Enables or disables the ability to upgrade the firmware associated with any device that is available to be upgraded. "
::= { upgradable-devices 8 }
Note: To perform an upgrade of the printer, this object must be set to an integer value of 2. After the upgrade the object should be set to an integer value of 1 to disable the upgrade capability.
PRODUCT SPECIFIC INFORMATION