Critical vulnerability in 150 HP LaserJet and PageWide printer models

Security researchers from F-Secure have identified a critical vulnerability (CVE-2021-39238) affecting more than 150 HP LaserJet, LaserJet Managed, PageWide and PageWide Managed printers and MFPs. The vulnerability makes it possible to trigger a buffer overflow in the font parser by sending a specially crafted PDF document for printing, and to achieve code execution at the firmware level. The problem has been present since 2013 and was fixed in firmware updates published on November 1 (the vendor was notified of the problem in April).

The attack can be carried out both against locally connected printers and against network printing systems. For example, an attacker can use social engineering to get a user to print a malicious file, attack the printer from a user system that has already been compromised, or use a technique such as "DNS rebinding", which allows, when the user opens a certain page in a browser, an HTTP request to be sent to the printer's network port (9100/TCP, JetDirect), which is not directly reachable over the internet.

After successful exploitation of the vulnerability, the compromised printer can be used as a foothold for launching attacks on the local network, for sniffing traffic, or for leaving attackers a hidden point of presence on the local network. The vulnerability is also suitable for building botnets or creating network worms that scan for other vulnerable systems and try to infect them. To reduce the damage from a printer compromise, it is recommended to place network printers in a separate VLAN, use the firewall to block printers from establishing outgoing network connections, and use a separate intermediate print server instead of accessing the printer directly from workstations.
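One way to check that the segmentation recommended above is actually in force is to audit connection records against it. The following is an added example, not part of the original article; the printer VLAN range, the print server address and the flow-record format are assumptions made up for illustration.

```python
import ipaddress

# Assumed addressing for illustration (not from the article).
PRINTER_VLAN = ipaddress.ip_network("10.20.30.0/24")
PRINT_SERVER = ipaddress.ip_address("10.20.10.5")
JETDIRECT_PORT = 9100  # raw printing port named in the article

# Constructed flow records: (initiator, responder, responder TCP port).
SAMPLE_FLOWS = [
    ("10.20.10.5", "10.20.30.11", 9100),   # print server -> printer: allowed
    ("10.20.40.77", "10.20.30.11", 9100),  # workstation -> printer directly
    ("10.20.30.11", "10.20.40.12", 445),   # printer initiates to a LAN host
    ("10.20.30.12", "203.0.113.9", 443),   # printer initiates to the internet
    ("10.20.40.77", "10.20.10.5", 631),    # workstation -> print server: allowed
    ("10.20.40.77", "10.20.30.11", 80),    # workstation -> printer web UI
]

def audit_flow(src, dst, dport):
    """Return a violation label for one flow, or None if it fits the policy."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s in PRINTER_VLAN:
        # Printers should only answer connections, never open them.
        return "printer-initiated-outbound"
    if d in PRINTER_VLAN and s != PRINT_SERVER:
        if dport == JETDIRECT_PORT:
            return "direct-jetdirect-bypassing-print-server"
        return "direct-printer-access"
    return None

def audit(flows):
    """Collect (flow, violation) pairs for every flow that breaks the policy."""
    findings = []
    for flow in flows:
        violation = audit_flow(*flow)
        if violation:
            findings.append((flow, violation))
    return findings

if __name__ == "__main__":
    for flow, violation in audit(SAMPLE_FLOWS):
        print(f"{violation}: {flow[0]} -> {flow[1]}:{flow[2]}")
```

Any finding means a firewall rule or VLAN boundary is missing; printer-initiated flows deserve the closest look, since a healthy printer under this policy opens no connections at all.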

The researchers also identified another vulnerability (CVE-2021-39237) in HP printers, which makes it possible to gain full access to the device. Unlike the first vulnerability, this problem is assigned a moderate severity level, since the attack requires physical access to the printer (it is necessary to connect to the UART port for about 5 minutes).



Source: opennet.ru
