Printed from http://www.electronista.com

US-CERT: Samsung printers vulnerable to remote attack

updated 02:13 am EST, Fri November 30, 2012

Flaw in Samsung's SNMP implementation to blame for exploit

Printers manufactured by Samsung have been found to have a glaring security weakness -- most all models built before October 31, 2012 have a backdoor administrator account that could enable attackers to modify configurations, read network information, access stored credentials, and potentially execute malicious code. The SNMP account in the printers reportedly has full read and write permissions, and remains accessible to network assault even when turned off using the printer's maintenance utility.

The US Computer Emergency Readiness Team (US-CERT) said in a report about the flaw that "Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices." The group recommends that users restrict access to the printers, allowing SNMP access only from trusted host IP addresses, MAC address filtering, or only allowing access from network segments known to be safe, which would limit the ability of hackers to use the hardcoded credentials.

US-CERT did not publicize a list of affected printers, but noted that Dell-branded printers manufactured by Samsung were affected by the flaw as well. Disabling SNMPv1 and 2 on a network-level will prevent this exploit from being executed. SNMPv3 mode is considered secure.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News