CVE-2011-4161

Published: Dec 1, 2011Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

Affected (43)

Products: Hp: Color Laserjet 3000, Color Laserjet 3800, Color Laserjet 4700, Color Laserjet 4730, Color Laserjet 4730 Mfp, Color Laserjet 5550, Color Laserjet 9500, Color Laserjet Cm3530, Color Laserjet Cm4540, Color Laserjet Cm4730, Color Laserjet Cm6030, Color Laserjet Cm6040, Color Laserjet Cp3505, Color Laserjet Cp3525, Color Laserjet Cp4005, Color Laserjet Cp5525, Color Laserjet Cp6015, Color Laserjet Enterprise Cp4520, Color Laserjet Enterprise Cp4525, Color Mfp Cm8060, Digital Sender 9200c, Digital Sender 9250c, Laserjet 4240, Laserjet 4250, Laserjet 4345 Mfp, Laserjet 4350, Laserjet 5200, Laserjet 9040, Laserjet 9050, Laserjet Enterprise 500 Color, Laserjet Enterprise 600, Laserjet Enterprise M4555, Laserjet Enterprise P3015, Laserjet M3035, Laserjet M5035, Laserjet M9040, Laserjet M9050, Laserjet P3005, Laserjet P4014, Laserjet P4015, Laserjet P4515

41 products

Color Laserjet 3000

Color Laserjet 3800

Color Laserjet 4700

Color Laserjet 4730

Color Laserjet 4730 Mfp

Color Laserjet 5550

Color Laserjet 9500

Color Laserjet Cm3530

Color Laserjet Cm4540

Color Laserjet Cm4730

Color Laserjet Cm6030

Color Laserjet Cm6040

Color Laserjet Cp3505

Color Laserjet Cp3525

Color Laserjet Cp4005

Color Laserjet Cp5525

Color Laserjet Cp6015

Color Laserjet Enterprise Cp4520

Color Laserjet Enterprise Cp4525

Color Mfp Cm8060

Digital Sender 9200c

Digital Sender 9250c

Laserjet 4345 Mfp

Laserjet Enterprise 500 Color

Laserjet Enterprise 600

Laserjet Enterprise M4555

Laserjet Enterprise P3015

Configuration A

43 vulnerable

Vulnerable Software	Affected Versions
Hp Color Laserjet 3000	All versions
Hp Color Laserjet 3800	All versions
Hp Color Laserjet 4700	All versions
Hp Color Laserjet 4730	Version mfp
Hp Color Laserjet 4730 Mfp	All versions
Hp Color Laserjet 5550	All versions
Hp Color Laserjet 9500	All versions
Hp Color Laserjet Cm3530	All versions
Hp Color Laserjet Cm4540	Version mfp
Hp Color Laserjet Cm4730	Version mfp
Hp Color Laserjet Cm6030	All versions
Hp Color Laserjet Cm6040	All versions
Hp Color Laserjet Cp3505	All versions
Hp Color Laserjet Cp3525	All versions
Hp Color Laserjet Cp4005	All versions
Hp Color Laserjet Cp5525	All versions
Hp Color Laserjet Cp6015	All versions
Hp Color Laserjet Enterprise Cp4520	All versions
Hp Color Laserjet Enterprise Cp4525	All versions
Hp Color Mfp Cm8060	All versions
Hp Digital Sender 9200c	All versions
Hp Digital Sender 9250c	All versions
Hp Laserjet 4240	All versions
Hp Laserjet 4250	All versions
Hp Laserjet 4345 Mfp	All versions
Hp Laserjet 4350	All versions
Hp Laserjet 5200	All versions
Hp Laserjet 9040	All versions
Hp Laserjet 9050	All versions
Hp Laserjet Enterprise 500 Color	Version m551
Hp Laserjet Enterprise 600	Version m601
Hp Laserjet Enterprise 600	Version m602
Hp Laserjet Enterprise 600	Version m603
Hp Laserjet Enterprise M4555	Version mfp
Hp Laserjet Enterprise P3015	All versions
Hp Laserjet M3035	All versions
Hp Laserjet M5035	All versions
Hp Laserjet M9040	All versions
Hp Laserjet M9050	All versions
Hp Laserjet P3005	All versions
Hp Laserjet P4014	All versions
Hp Laserjet P4015	All versions
Hp Laserjet P4515	All versions

Related CWEs

References (16)

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449

Source: hp-security-alert@hp.com

Vendor Advisory

http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112

Source: hp-security-alert@hp.com

http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say

Source: hp-security-alert@hp.com

http://secunia.com/advisories/47063

Source: hp-security-alert@hp.com

http://www.kb.cert.org/vuls/id/717921

Source: hp-security-alert@hp.com

US Government Resource

http://www.securityfocus.com/bid/51324

Source: hp-security-alert@hp.com

http://www.securitytracker.com/id?1026357

Source: hp-security-alert@hp.com

https://lists.immunityinc.com/pipermail/dailydave/2011-November/000378.html

Source: hp-security-alert@hp.com

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112

Source: af854a3a-2127-422b-91ae-364da2661108

http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/47063

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/717921

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/bid/51324

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1026357

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.immunityinc.com/pipermail/dailydave/2011-November/000378.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.