Exploit on HP Multi-Function Devices

The security research team Check Point Research recently reported a potential exploit against HP Multi-Function devices. The underlying vulnerabilities, CVE-2018-5925 and CVE-2018-5924, can be exploited when the device is used as a fax receiver: a specially malformed JPEG color fax document can be used to inject malware into the affected devices. This gives the attacker direct access to received and transmitted fax documents, scans and printed documents. The malware could also be used for a staged attack on further devices on the local network.

XCAPI is not affected by this vulnerability, as this specific mode of fax operation is not currently supported.

This case clearly shows the advantage of software-based fax servers. Both the XCAPI product and the fax server software of TE-SYSTEMS’ partner companies are maintained on a regular basis. Customers are more used to installing regular updates of both their operating systems and the software running in those types of environments. In contrast, embedded network-capable devices are often overlooked in terms of security.