Execution of arbitrary code
Source: NTT Security
Reported By: Stephen Breen
Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code.
Available Mitigation Settings:
The vulnerability can be avoided by either of the following actions:
Open the printer EWS, click the Security tab, then locate the Local Administrator Password section.
Open the printer EWS, click the Security tab, then locate the Firmware Upgrade Security section.
These recommendations are documented in HP Printing Security Best Practices for HP LaserJet Enterprise Printers.
See page 35 for EWS administrator password configuration.
See page 37 for Allow firmware upgrades sent as print jobs configuration.