CVE-2020-28416

Q: What is the severity of CVE-2020-28416?

CVE-2020-28416 has a CVSS score of 7.8 (HIGH). This vulnerability in HP's I.R.I.S. OCR software allows local attackers to execute arbitrary code on affected HP printers. It affects users of HP PageWide and OfficeJet printers with vulnerable software installations. Exploitation requires local access to the printer system.

7.8 HIGH

Remote Code Execution

📋 TL;DR

This vulnerability in HP's I.R.I.S. OCR software allows local attackers to execute arbitrary code on affected HP printers. It affects users of HP PageWide and OfficeJet printers with vulnerable software installations. Exploitation requires local access to the printer system.

💻 Affected Systems

Products:

HP PageWide printers
HP OfficeJet printers

Versions: Specific versions not detailed in advisory, but all versions with I.R.I.S. OCR software before patching

Operating Systems: Printer firmware/embedded systems

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects printers with I.R.I.S. OCR software installed. Vulnerability is in the OCR component of printer software.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the printer system allowing persistent malware installation, data exfiltration, and lateral movement to connected networks.

🟠

Likely Case

Local privilege escalation leading to unauthorized access to printer functions, configuration changes, and potential data capture from scanned documents.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing unauthorized local access to printer interfaces.

🌐 Internet-Facing: LOW - Requires local access to printer system, not directly exploitable over internet.

🏢 Internal Only: MEDIUM - Internal attackers with physical or network access to printer could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access to printer system. No public exploit code available as of advisory publication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to latest firmware/software version as specified in HP advisory

Vendor Advisory: https://support.hp.com/us-en/document/c07051163

Restart Required: Yes

Instructions:

1. Visit HP support site and download latest firmware/software update for your printer model. 2. Install update following HP's instructions. 3. Restart printer to complete installation.

🔧 Temporary Workarounds

Disable I.R.I.S. OCR software

all

Remove or disable the vulnerable OCR component if not required for operations

Follow printer administration interface to disable OCR features

Restrict local access

all

Implement network segmentation and access controls to limit who can access printer management interfaces

Configure firewall rules to restrict printer management port access
Implement VLAN segmentation for printers

🧯 If You Can't Patch

Segment printers on isolated network VLANs
Implement strict access controls to printer management interfaces
Disable unnecessary printer features including OCR if not required

🔍 How to Verify

Check if Vulnerable:

Check printer firmware version against HP's advisory. If I.R.I.S. OCR software is installed and not updated, system is vulnerable.

Check Version:

Check printer web interface or control panel for firmware version information

Verify Fix Applied:

Verify firmware version has been updated to latest version specified in HP advisory. Confirm OCR software version if possible.

📡 Detection & Monitoring

Log Indicators:

Unusual OCR process activity
Unauthorized configuration changes
Unexpected software installations on printer

Network Indicators:

Unusual network traffic from printer to unexpected destinations
Suspicious connections to printer management ports

SIEM Query:

source="printer_logs" AND (event="configuration_change" OR event="software_install")

📊 Metadata

CVE ID: CVE-2020-28416

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Published: November 3, 2021

Last Updated: November 21, 2024

🔗 References

https://support.hp.com/us-en/document/c07051163 Vendor Advisory
https://support.hp.com/us-en/document/c07051163 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Officejet 250 Cz992a Firmware by Hp

Officejet 250c L9d57a Firmware by Hp

Officejet 252 N4l16c Firmware by Hp

Officejet 252c N4l18c Firmware by Hp

Officejet 258 N4l17a Firmware by Hp

Officejet 4650 E6g87a Firmware by Hp

Officejet 4650 F1h96a Firmware by Hp

Officejet 4650 F1h96b Firmware by Hp

Officejet 4650 F1j03a Firmware by Hp

Officejet 4650 F1j04a Firmware by Hp

Officejet 4650 F9d37a Firmware by Hp

Officejet 4650 K9v77a Firmware by Hp

Officejet 4650 K9v85b Firmware by Hp

Officejet 4651 K9v83b Firmware by Hp

Officejet 4652 F1j02a Firmware by Hp

Officejet 4652 F1j05b Firmware by Hp

Officejet 4652 K9v84b Firmware by Hp

Officejet 4654 F1j06b Firmware by Hp

Officejet 4654 F1j07b Firmware by Hp

Officejet 4654 K9v76a Firmware by Hp

Officejet 4655 F1j00a Firmware by Hp

Officejet 4655 K9v82b Firmware by Hp

Officejet 4656 K9v81b Firmware by Hp

Officejet 4657 V6d27b Firmware by Hp

Officejet 4657 V6d29b Firmware by Hp

Officejet 4658 V6d28b Firmware by Hp

Officejet 4658 V6d30b Firmware by Hp

Officejet 5740 B9s76a Firmware by Hp

Officejet 5740 B9s78a Firmware by Hp

Officejet 5740 B9s79a Firmware by Hp

Officejet 5741 B9s83a Firmware by Hp

Officejet 5742 B9s81a Firmware by Hp

Officejet 5742 B9s84a Firmware by Hp

Officejet 5742 F8b11a Firmware by Hp

Officejet 5743 F8b10a Firmware by Hp

Officejet 5744 B9s82a Firmware by Hp

Officejet 5744 B9s85a Firmware by Hp

Officejet 5745 B9s80a Firmware by Hp

Officejet 5746 F8b09a Firmware by Hp

Officejet 5746 T1p36a Firmware by Hp

Officejet 6835 T6t84a Firmware by Hp

Officejet 6950 P4c78a Firmware by Hp

Officejet 6950 P4c81a Firmware by Hp

Officejet 6950 P4c82a Firmware by Hp

Officejet 6950 P4c84a Firmware by Hp

Officejet 6950 P4c85a Firmware by Hp

Officejet 6950 P4c86a Firmware by Hp

Officejet 6950 T3p03a Firmware by Hp

Officejet 6960 J7k33a Firmware by Hp

Officejet 6960 J7k35a Firmware by Hp

Officejet 6960 J7k37a Firmware by Hp

Officejet 6960 J7k38a Firmware by Hp

Officejet 6960 J7k39a Firmware by Hp

Officejet 6960 T0f28a Firmware by Hp

Officejet 6960 T0f30a Firmware by Hp

Officejet 6960 T0f31a Firmware by Hp

Officejet 6960 T0f32a Firmware by Hp

Officejet 6960 T0f36a Firmware by Hp

Officejet 6960 T0f38a Firmware by Hp

Officejet 6960 T0g25a Firmware by Hp

Officejet 6960 T0g26a Firmware by Hp

Officejet 7510 G3j47a Firmware by Hp

Officejet 7512 K1z44a Firmware by Hp

Officejet Pro 6830 E3e02a Firmware by Hp

Officejet Pro 6830 M0f56a Firmware by Hp

Officejet Pro 6830c L3l04a Firmware by Hp

Officejet Pro 6835 J2d37a Firmware by Hp

Officejet Pro 6960 J7k33a Firmware by Hp

Officejet Pro 6960 J7k35a Firmware by Hp

Officejet Pro 6960 J7k37a Firmware by Hp

Officejet Pro 6960 J7k38a Firmware by Hp

Officejet Pro 6960 J7k39a Firmware by Hp

Officejet Pro 6960 T0f28a Firmware by Hp

Officejet Pro 6960 T0f30a Firmware by Hp

Officejet Pro 6960 T0f31a Firmware by Hp

Officejet Pro 6960 T0f32a Firmware by Hp

Officejet Pro 6960 T0f36a Firmware by Hp