Lucene search

K
hpHP Product Security Response TeamHP:C04262495
HistoryApr 22, 2014 - 12:00 a.m.

HPSBPI03014 rev.2 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information

2014-04-2200:00:00
HP Product Security Response Team
support.hp.com
76

EPSS

0.974

Percentile

99.9%

Potential Security Impact

Remote disclosure of information

VULNERABILITY SUMMARY

A potential vulnerability exists in HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers. This is the OpenSSL vulnerability known as “Heartbleed” (CVE-2014-0160) which could be exploited remotely resulting in disclosure of information.

RESOLUTION

HP has provided firmware updates that address this vulnerability. Please see the table below. To obtain the updated firmware, go to the HP Software and Drivers page for your product and find the firmware update from the list of available software.

Product Name

|

Model Number

|

Firmware Revision

—|—|—

Product Name

|

Model

|

Firmware Update Version

HP LaserJet Pro M435nw Multifunction Printer

|

A3E42A

|

v 20140411 (or higher)

HP LaserJet Pro 500 color MFP M570

|

CZ271A, CZ272A

|

v 20140411 (or higher)

HP LaserJet Pro M521 Multifunction Printer

|

A8P79A, A8P80A

|

v 20140411 (or higher)

HP Color LaserJet Pro MFP M476

|

CF387A, CF386A, CF385A

|

v 20140410 (or higher)

HP LaserJet Pro M701/M706 Printer

|

B6S00A, B6S01A, B6S02A

|

v 20140411 (or higher)