Critical vulnerability in 150 HP LaserJet and PageWide printer models

Security researchers from F-Secure have identified a severe vulnerability (CVE-2021-39238) affecting more than 150 HP LaserJet, LaserJet Managed, PageWide and PageWide Managed printers and MFPs. The vulnerability makes it possible to trigger a buffer overflow in the font processor by sending a specially crafted PDF document to print, and to achieve execution of your own code at the firmware level. The problem has been present since 2013 and was fixed in firmware updates published on November 1 (the manufacturer was notified of the problem in April).

The attack can be carried out both against locally connected printers and against network printing systems. For example, an attacker can use social engineering techniques to get a user to print a malicious file, attack the printer through an already compromised user system, or use a technique such as "DNS rebinding", which, when the user opens a certain page in a browser, allows an HTTP request to be sent to the printer's network port (9100/TCP, JetDirect), which is not directly reachable over the Internet.

After successful exploitation of the vulnerability, the compromised printer can be used to launch attacks on the local network, to sniff traffic, or to leave a hidden point of presence for attackers in the local network. The vulnerability is also suitable for building botnets or creating network worms that scan for other vulnerable systems and try to infect them. To reduce the risk from a printer compromise, it is recommended to place network printers in a separate VLAN, restrict at the firewall the establishment of outgoing network connections from printers, and use a separate intermediate print server instead of accessing the printer directly from workstations.
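One way to check that the recommended segmentation actually holds is to audit flow records against it. The following is an added example, not part of the original article: the addressing plan, the flow record format and the name `audit_flows` are assumptions made for illustration, and the sample records are constructed.

```python
import ipaddress

# Assumed addressing plan (constructed for this example).
PRINTER_NET = ipaddress.ip_network("10.20.30.0/24")  # dedicated printer VLAN
PRINT_SERVER = ipaddress.ip_address("10.20.10.5")    # central print server
JETDIRECT_PORT = 9100                                # raw printing port named in the article

# Constructed flow records: "src_ip src_port dst_ip dst_port proto".
# Each record describes a connection initiated by src_ip.
SAMPLE_FLOWS = """\
10.20.10.5 51514 10.20.30.17 9100 tcp
10.20.40.88 49822 10.20.30.17 9100 tcp
10.20.30.17 40112 10.20.40.12 445 tcp
10.20.30.21 38001 203.0.113.9 443 tcp
10.20.40.88 49830 10.20.10.5 631 tcp
"""

def audit_flows(text):
    """Return (line_no, reason) for every flow that breaks the policy."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if len(fields) != 5:
            findings.append((line_no, "malformed record"))
            continue
        src, _sport, dst, dport, proto = fields
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            dport = int(dport)
        except ValueError:
            findings.append((line_no, "malformed record"))
            continue
        if src_ip in PRINTER_NET:
            # Policy: printers must not open outgoing connections at all.
            findings.append((line_no, "printer-initiated connection"))
        elif (dst_ip in PRINTER_NET and proto == "tcp"
              and dport == JETDIRECT_PORT and src_ip != PRINT_SERVER):
            # Policy: only the print server may reach 9100/tcp on printers.
            findings.append((line_no, "direct 9100/tcp access bypassing print server"))
    return findings

if __name__ == "__main__":
    for line_no, reason in audit_flows(SAMPLE_FLOWS):
        print(f"flow {line_no}: {reason}")
```

Any finding means either the firewall rule set does not enforce the recommendation or a printer is behaving unexpectedly and deserves a closer look.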

The researchers also identified another vulnerability (CVE-2021-39237) in HP printers, which makes it possible to gain full access to the device. Unlike the first vulnerability, the problem is rated as medium severity, since the attack requires physical access to the printer (you need to connect to the UART port for about 5 minutes).



Source: opennet.ru
