Printed from http://www.electronista.com

US-CERT: Samsung printers vulnerable to remote attack

updated 02:13 am EST, Fri November 30, 2012

Flaw in Samsung's SNMP implementation to blame for exploit

Printers manufactured by Samsung have been found to have a glaring security weakness -- most all models built before October 31, 2012 have a backdoor administrator account that could enable attackers to modify configurations, read network information, access stored credentials, and potentially execute malicious code. The SNMP account in the printers reportedly has full read and write permissions, and remains accessible to network assault even when turned off using the printer's maintenance utility.

The US Computer Emergency Readiness Team (US-CERT) said in a report about the flaw that "Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices." The group recommends that users restrict access to the printers, allowing SNMP access only from trusted host IP addresses, MAC address filtering, or only allowing access from network segments known to be safe, which would limit the ability of hackers to use the hardcoded credentials.

US-CERT did not publicize a list of affected printers, but noted that Dell-branded printers manufactured by Samsung were affected by the flaw as well. Disabling SNMPv1 and 2 on a network-level will prevent this exploit from being executed. SNMPv3 mode is considered secure.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cat B100

Cat is primarily known for its heavy-duty machinery used in the construction industry and farming, among other areas. What may not be ...

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Sponsor

toggle

Most Commented

 
toggle

Popular News