HP has discovered four critical vulnerabilities in Universal Print Driver Series. The driver is found in many HP printer models.
Do you have an HP printer in your home or office? Then read this message extra carefully. Four vulnerabilities have been discovered in the Universal Print Driver Series driver (PCL 6 and PostScript). They can be found in the libraries libjpg, libpng, zlib and OpenSSL.
Three of the four vulnerabilities receive a CVSS score of 9.8 and are thus labeled critical. CVE-2017-12652 (libpng) and CVE-2022-2068 (OpenSSL) allow the execution of malicious code. CVE-2023-45853 (zlib) leaks data from your printer. The fourth vulnerability, CVE-2020-14152, can cause your printer to refuse service and is considered “high risk” with a CVSS score of 7.1.
Is your printer vulnerable?
Because Universal Print Driver Series is so widespread in HP printers, several of the manufacturer’s printer models are susceptible. The driver is present in HP’s Business Inkjet, LaserJet and OfficeJet printers, as well as some Samsung printer models, among others.
read also
Major Windows 11 update causes problems with printers and scanners
Through this list, you can check if the driver is installed on your printers. But if you have an HP office printer, then you can assume so.
Update Printer
The solution sounds simple: update your printer’s driver. HP confirms that only version 7.3.0.25919 closes the four vulnerabilities. It is recommended not to delay the update any longer than necessary. You can find the correct version via the installation page.
Old printer entries must be removed manually after installation, as this does not happen automatically. To ensure that only the latest drivers are used after installation, administrators should check for old entries and remove them themselves.