Recently, HP has expanded its bug bounty program to cover the flaws in printers, and with this bug bounty program, HP wants to concentrate, especially on office-class print cartridge safety vulnerabilities. And this program is private, which means that everyone can’t join this program.
The program underscores HP’s dedication to delivering defense-in-depth beyond its all aspects of printing, which includes supply chain, cartridge chip, cartridge packaging, firmware, and printer hardware.
However, the security researchers who are requested by the HP have been notified to focus on firmware-level vulnerabilities, which also includes remote code execution, cross-site request forgery (CSRF), as well as the cross-site scripting (XSS) bugs.
Key Highlights
The highlights that have been disclosed by this security vulnerability are mentioned below:-
- This New Bug Bounty program intends to…