Printed from http://www.electronista.com

US-CERT: Samsung printers vulnerable to remote attack

updated 02:13 am EST, Fri November 30, 2012

Flaw in Samsung's SNMP implementation to blame for exploit

Printers manufactured by Samsung have been found to have a glaring security weakness -- most all models built before October 31, 2012 have a backdoor administrator account that could enable attackers to modify configurations, read network information, access stored credentials, and potentially execute malicious code. The SNMP account in the printers reportedly has full read and write permissions, and remains accessible to network assault even when turned off using the printer's maintenance utility.

The US Computer Emergency Readiness Team (US-CERT) said in a report about the flaw that "Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices." The group recommends that users restrict access to the printers, allowing SNMP access only from trusted host IP addresses, MAC address filtering, or only allowing access from network segments known to be safe, which would limit the ability of hackers to use the hardcoded credentials.

US-CERT did not publicize a list of affected printers, but noted that Dell-branded printers manufactured by Samsung were affected by the flaw as well. Disabling SNMPv1 and 2 on a network-level will prevent this exploit from being executed. SNMPv3 mode is considered secure.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Epson PowerLite Home Cinema 3500 projector

Trying to find the perfect projector for a home theater can be tricky, as there are bountiful options on the market from a large numbe ...

Thecus N2310 NAS

For every computer user, there comes a point of critical mass in data storage. When it hits, external hard drives, USB sticks and DVD ...

iRig Pads

When it comes to mobile music products, IK Multimedia has positioned itself as one of the top suppliers. Right from the early days of ...

Sponsor

toggle

Most Commented

 
toggle

Popular News