HP Expands It's Bug Bounty Program Covers Flaws in Printers
Honest currently, HP has expanded its trojan horse bounty program to cowl the flaws in printers, and with this trojan horse bounty program, HP needs to listen to, namely on area of work-class print cartridge security vulnerabilities. And this program is inside most, that ability that every person can’t be a part of this program.
This system underscores HP’s dedication to delivering protection-in-depth beyond its all sides of printing, which entails present chain, cartridge chip, cartridge packaging, firmware, and printer hardware.
Then all any other time, the safety researchers who are requested by the HP were notified to focal point on firmware-level vulnerabilities, which also entails a ways away code execution, frightful-situation set aside a query to forgery (CSRF), as well to the frightful-situation scripting (XSS) bugs.
Key Highlights
The highlights which were disclosed by this security vulnerability are mentioned beneath:-
- This New Worm Bounty program intends to name that you just may maybe per chance well per chance deem of uncertainties in area of work-class print cartridges.
- The moral hackers occupy a gamble to name the vulnerabilities in the interfaces among the many printers and the HP Normal Ink and Toner cartridges.
- HP will grant up to $10,000 for vulnerabilities detected.
- Underscores HP’s proceeded commitment to engineering the realm’s most official and stable printing programs.
HP Expands Worm Bounty Program
The trojan horse bounty program at the moment covers HP’s LaserJet Conducting printers and MFPs (A3 and A4), also the HP PageWide Conducting printers and MFPs (A3 and A4).
On this recent develop HP has joined with Bugcrowd to administer a 3-month program whereby four licensed white hat hackers were appointed to be conscious all that you just may maybe per chance well per chance deem of vulnerabilities in HP Normal print cartridges.
If any of the hackers accumulate the victory in this project, then HP will award a reward of $10,000 per vulnerability in an magnify to their low charge. HP had been serious about Worm Bounty programs over the years to enrich and lengthen the firm’s have precise penetration sorting out.
The white hat hacking is a widely feeble manner in the future of the technology industry, and HP is one in every of the entities that’s doing the same by the use of its trojan horse bounty program to make its printers. No longer finest this however extra on the whole than no longer, HP overlooks the attack vector.
That’s why to wait on a ways from the aptitude attack vectors; HP guides how reprogrammable microcontrollers on printer cartridges may maybe per chance well additionally additionally be renewed to add recent firmware with in dusky health-disposed code. All these cartridges may maybe per chance well additionally then be injected into the imitation-cartridge present chain to be remitted to an inexperienced target.
In one in every of their describe, HP affirmed that no longer too prolonged ago they are engaged with 34 security researchers, and this program contains finest endpoint devices worship printer-connected web domains that are out of scope and a highlight on print firmware.
All individuals is conscious of that daily, the safety attacks are rising hasty, and this time any connected devices can insist an avenue of attack for hackers. All it requires appropriate dedication and intense study and subsequent funding.
That’s why HP is committed to persevering their focused and rigorous sorting out, privately as well to with third-accumulate collectively consultants, for better protection of their customers and partners.
You would per chance maybe per chance well per chance apply us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking info updates.
Source credit : cybersecuritynews.com