Unrated severityNVD Advisory· Published Mar 26, 2024· Updated Aug 6, 2024
HP Printer Firmware Update Utility for Certain HP DeskJet Printers - Potential Execution of Arbitrary Code
CVE-2024-2209
Description
A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility (FUU) bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution.
Affected products
2- HP, Inc./HP Printer Firmware Update Utilityv5Range: See HP security bulletin reference for affected versions
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.