HP LaserJet printers have a critical security bug - and there’s nothing you can do for now

HP says a patch isn’t coming for up to 90 days

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

HPhas issued awarningto business customers using certain LaserJetprintermodels that they should remain vigilant and take steps to tackle a vulnerability that could see unwanted information disclosure occur.

CVE-2023-1707 was awarded a score of 9.1 making it of critical severity. Its description reads: “Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.”

The hardware and infrastructure giant has announced plans to issue a firmware update within 90 days, advising customers to downgrade firmware in the meantime to prevent unwanted attacks.

HP LaserJet printer vulnerability

The company confirmed that affected customers are running FutureSmart 5.6, software designed to enable printer configuration from the control panel or a dedicated web page. Affected users will also have IPsec enabled.

A full list of the affected HP Enterprise LaserJet and HP LaserJet Managed Printers models can be found on thesecurity notice, which suggests a temporary downgrade to version 5.5.0.3 of the firmware for a period of up to three months while HP works on a fix.

These are the best small business printers>Lexmark security bug leaves thousands of its printers open to attack>Serious vulnerabilities in HP devices left unpatched for months on end

With laser printing coming under scrutiny for its environmental impacts, such as high energy usage, dissatisfied customers unwilling to wait 90 days may be tempted to consider new hardware.

The company recently announcednew Color LaserJet printersthat promise to reduce energy consumption by up to 27%. ITDMs less loyal to HP specifically may also want to consider moving to rival brands likeEpson, which earlier this year announcednew inkjet printersthat use a quarter of a typical laser printer’s energy while matching printing speeds.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Regardless, manufacturer security advice should always be adhered to, and a firmware downgrade is a must for any business that values security ahead of a patch.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Rising AI threats are making firms turn back to human intelligence

Thousands of employees could be falling victim to obvious phishing scams every month

Nokia confirms data breach leaked third-party code, but its data is safe