CVE-2023-1707

Name of the Vulnerable Software and Affected Versions HP Enterprise LaserJet and HP LaserJet Managed Printers versions with FutureSmart version 5.6

Description The issue is related to a lack of protection for service data, potentially allowing a remote attacker to disclose protected information when IPsec is enabled. The problem may lead to information disclosure between printers and other devices in the network under certain conditions. It is estimated that around 50 models of premium HP Enterprise LaserJet and HP LaserJet Managed printers are affected. There have been no reported active exploitations, but given the high severity rating, it is likely that hackers will develop an exploit within a short period.

Recommendations For HP Enterprise LaserJet and HP LaserJet Managed Printers with FutureSmart version 5.6, consider downgrading to FutureSmart version 5.5.0.3 as a temporary mitigation measure until an update is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.