The security of more than 150 HP-branded printers was severely compromised with a wormable bug, allowing attackers to get access to the devices. This should no longer be feasible with an upgrade from the American technology that is being released.

Printers used in homes and businesses alike have a security flaw that may have been exploited. Multifunctional printers, which can also scan, copy, and fax, fall into the second category. For example, a device like this could hold copies of a company's sensitive data, such as passwords. Cybercriminals may find this information to be quite valuable. Ransomware, for example, can be introduced if a hacker gains access to a network via a printer. Once the ransom is paid, all systems are decrypted and released only when the ransom is paid.

The security firm F-Secure found the leak. HP received an alert about this in the spring. HP was able to build a 'patch' to seal the breach by keeping the vulnerability under wraps for months. This new version of the software is now available for download. The vulnerability can only be exploited with a great deal of knowledge, according to F-Secure. Inexperienced hackers and cyber spies can use the vulnerability for targeted assaults. This may or may not have already occurred. There is no evidence that F-Secure has ever been utilized by criminals, according to the company's data.

Tracked as CVE-2021-39238, the vulnerability can be used to create wormable exploits that can self-replicate and spread to other HP printers inside internal networks or over the internet.

Discovered earlier this year by Alexander Bolshev and Timo Hirvonen, two security researchers at Finnish security firm F-Secure, a patch was made available on the HP website.