Safety relevant information of MFP M725z from HP Inc.
A security vulnerability regarding printers/MFP from HP Inc. has been published on various news sites. In response, we would like to evaluate the mentioned issues regarding TA products.
１． Vulnerability Overview
F-Secure Corp. has investigated the vulnerability of the MFP M725z from HP Inc. As a result, two CVEs were registered.
２． Further information
- The investigative website of F-Secure Corp.
- The NVD website of NIST
３．Details of the vulnerability disclosed.
- CVE-2021-39237: Some HP LaserJet, HP LaserJet Managed, HP PageWide, or HP PageWide Managed printers may be vulnerable to possible information disclosure.
CVE-2021-39238: Some HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, and HP PageWide Managed products are at risk of a buffer overflow.
４． Impact on our products.
Vulnerabilities CVE-2021-39237 and CVE-2021-3928 affect HP Inc. products. TA's products are built differently from HP Inc. MFP/printers, so these two vulnerabilities do not affect TA products. You can use the products without concern.