From bleepingcomputer.com
HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity vulnerability that impacts the firmware of certain business-grade printers.
The security issue is tracked as CVE-2023-1707 and it affects about 50 HP Enterprise LaserJet and HP LaserJet Managed Printers models.
The company calculated a severity score of 9.1 out of 10 using the CVSS v3.1 standard and notes that exploiting it could potentially lead to information disclosure.