HP Security Manager: Malicious code vulnerability in printer management tool
A vulnerability in HP's Security Manager allows attackers to inject malicious code. An update is available.
HP's Security Manager is used to manage and secure HP printers on a network and to keep them compliant with policy. A vulnerability in the management software allows attackers to inject and execute malicious code from the network.
HP warns of this in a security bulletin. "HP Security Manager may be vulnerable to a vulnerability that allows code execution from the network through the use of Microsoft's OLE database library in version 18.4 for Microsoft SQL Server Express and Microsoft's SQL Server," the developers write there tersely.
Old vulnerabilities now patched
The vulnerability entries date back to April 2024, when Microsoft closed the vulnerabilities on Patchday with updated software. The explanation there is even shorter: "Microsoft OLE DB driver for SQL Server remote code execution vulnerability", the Redmond company writes (CVE-2024-28906 / EUVD-2024-25972; CVE-2024-29044 / EUVD-2024-26091; CVSS 8.8, risk "high"). Both only narrowly miss being classified as a "critical" risk.
The vulnerabilities are in the OLE DB drivers supplied with HP Security Manager 3.13 and older versions. In version 3.14, HP updates the third-party components and thus closes the security holes. The latest version of HP's Security Manager can be downloaded from the HP website.
HP also provides manual countermeasures for admins who do not wish to update the HP software. Where HP Security Manager has been installed with a remote MS SQL Server or MS SQL Server Express database, the MS OLE DB driver can be removed or updated to version 18.7. Where IT managers have installed the database locally, they can enable TCP/IP as a protocol in SQL Server Configuration Manager and either remove or update the OLE DB driver. However, HP does not say where admins can obtain the 18.7 driver version.
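The manual countermeasure boils down to two checks on the host that runs HP Security Manager: which version of the Microsoft OLE DB Driver for SQL Server is installed, and, for a local database, whether TCP/IP is enabled for the SQL Server instance. The following read-only audit script is an added example, not code from HP or from this article. It reads the standard Windows Uninstall registry keys and compares the driver's DisplayVersion with 18.7, the version the article names as fixed; the file name msoledbsql.dll, its location under System32, and the SQL Server WMI namespace layout (root\Microsoft\SqlServer\ComputerManagementNN) used for the TCP/IP check are assumptions about the products, not facts taken from the article.

```powershell
# Added example (not from HP or heise): audit the OLE DB driver and SQL Server TCP/IP
# state that the HP mitigation steps refer to. Read-only; it changes nothing.

$MinimumFixedVersion = [version]'18.7'   # version named in the HP advisory as cited above

function Get-MsOleDbSqlDriverInstalls {
    # The driver registers under the 64-bit and the 32-bit Uninstall hives; check both.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Microsoft OLE DB Driver*for SQL Server*' } |
        ForEach-Object {
            [pscustomobject]@{
                DisplayName    = $_.DisplayName
                DisplayVersion = $_.DisplayVersion
                # '-as [version]' yields $null instead of throwing on an odd version string
                Version        = $_.DisplayVersion -as [version]
                Source         = $_.PSPath -replace '^.*::', ''
            }
        }
}

function Test-MsOleDbSqlDriverPatched {
    param([version]$Minimum = $MinimumFixedVersion)
    $installs = @(Get-MsOleDbSqlDriverInstalls)
    if ($installs.Count -eq 0) {
        # No driver registered: the HP advisory only applies where the driver is present.
        return [pscustomobject]@{ Status = 'NotInstalled'; Findings = @() }
    }
    $findings = foreach ($i in $installs) {
        $state = if ($null -eq $i.Version)        { 'UnknownVersion' }
                 elseif ($i.Version -lt $Minimum) { 'Vulnerable' }
                 else                             { 'Patched' }
        [pscustomobject]@{ Name = $i.DisplayName; Version = $i.DisplayVersion
                           State = $state; Source = $i.Source }
    }
    $overall = if ($findings.State -contains 'Vulnerable')        { 'ActionRequired' }
               elseif ($findings.State -contains 'UnknownVersion') { 'ReviewRequired' }
               else                                                { 'Patched' }
    [pscustomobject]@{ Status = $overall; Findings = $findings }
}

function Get-MsOleDbSqlDllVersion {
    # Secondary signal from the DLL itself; file name and path are assumptions.
    $dll = Join-Path $env:SystemRoot 'System32\msoledbsql.dll'
    if (Test-Path $dll) { (Get-Item $dll).VersionInfo.ProductVersion } else { $null }
}

function Get-SqlServerTcpState {
    # SQL Server exposes protocol settings through a version-specific WMI namespace
    # (assumed layout: ComputerManagement10 .. ComputerManagement16). Probe each one.
    foreach ($n in 10..16) {
        $ns = "root\Microsoft\SqlServer\ComputerManagement$n"
        $protocols = Get-CimInstance -Namespace $ns -ClassName ServerNetworkProtocol `
                        -ErrorAction SilentlyContinue
        if ($protocols) {
            $protocols | Where-Object { $_.ProtocolName -eq 'Tcp' } | ForEach-Object {
                [pscustomobject]@{ Instance = $_.InstanceName; TcpEnabled = [bool]$_.Enabled
                                   Namespace = $ns }
            }
        }
    }
}

# Run the audit and print a short report.
$driver = Test-MsOleDbSqlDriverPatched
$driver.Findings | Format-Table -AutoSize
"OLE DB driver status : $($driver.Status)"
"msoledbsql.dll       : $(Get-MsOleDbSqlDllVersion)"
$tcp = @(Get-SqlServerTcpState)
if ($tcp.Count -eq 0) { "Local SQL Server      : none detected (remote database?)" }
else { $tcp | Format-Table -AutoSize }
```

Run it in an elevated PowerShell session on the Security Manager host. A result of ActionRequired means a driver older than 18.7 is still registered and the update or removal step from the advisory is outstanding; ReviewRequired means a version string could not be parsed and should be checked by hand. The TCP/IP table is only relevant for a locally installed database, which is the case where HP asks for the protocol to be enabled.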
At the beginning of the year, HP closed vulnerabilities in the firmware of numerous HP network printers with updated software. One of these was even rated a critical threat and affected hundreds of models.
(dmk)