Hackers can set fire to a printer

Security experts from Columbia University have found a bug in HP LaserJet printers that allows an attacker to steal information, gain access to the internal network or even... set the printer on fire.
Some HP LaserJet printers do not verify the source of firmware updates.
Every time a LaserJet accepts a print request, it checks whether a firmware update is included. If so, the software is installed without checking whether it is genuine.
"What we did is find a way to change the core firmware of the device – change it entirely. By rewriting the firmware, we can inject any functions and features we wish," said Professor Salvatore Stolfo.
His team was able to duplicate all print jobs to a remote printer, gain access to the internal network, and overheat the paper, making it turn brown and smoke.
An attack can be launched by tricking a user into printing a document with malicious firmware included or, if a printer is configured to receive print requests via the internet, without any user interaction.


Source: SC Magazine
30.11.2011