All About Cheapest, Best Laser Printers, Inkjet Printers, Brands And Lots Of Other Computers accessories

 

Samsung printers contain hardcoded backdoor account

Printers manufactured by Samsung have a backdoor administrator account hard-coded in their code that could enable attackers to change their configuration, read their network data or stored credentials, and access sensitive data passed to them by users.

The hard-coded account does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface of the affected printers, the U.S. Computer Emergency Readiness Team (US-CERT) said Monday in a security advisory.

SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices.

The SNMP account found in Samsung printers has full read and write permissions and remains accessible even if SNMP is disabled using the printer’s management utility, US-CERT said.

“Secondary impacts include: the ability to make changes to the device configuration, access to sensitive data (e.g., device and network data, credentials, and data passed to the printer), and the ability to leverage any attacks through arbitrary code execution,” the organization said.

It’s not just Samsung-branded printers that contain the administrative account, but also some Dell-branded printers manufactured by Samsung.


US-CERT did not provide a list of the exact printer models affected by the issue, but said that, according to Samsung, models released after Oct. 31, 2012, are not vulnerable.

“Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices,” US-CERT said.

Samsung did not immediately respond to a request for comment.

US-CERT recommended that users follow security best practices and restrict access to the printers. Allowing access to their SNMP interfaces only from trusted hosts or network segments will limit the ability of attackers to use the hardcoded credentials, the organization said.
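Because the account stays reachable even when SNMP is switched off in the printer's own utility, the restriction has to be enforced and verified at the network level. The following is an added example, not code from US-CERT or the original article: it checks flow logs for SNMP traffic reaching printers from sources outside an allow-list. The log format, subnets and addresses are constructed assumptions.

```python
import ipaddress
import re

# Constructed values for illustration (assumptions, not from the advisory).
PRINTER_NETS = [ipaddress.ip_network("10.0.9.0/24")]
TRUSTED_SOURCES = [ipaddress.ip_network("10.0.1.0/28"),   # management segment
                   ipaddress.ip_network("10.0.9.5/32")]   # print server
SNMP_PORT = 161  # SNMP agent port (UDP)

# Constructed flow-log lines: "<time> <proto> <src>:<sport> -> <dst>:<dport>"
SAMPLE_FLOWS = """\
2012-11-27T09:14:02 udp 10.0.1.4:40112 -> 10.0.9.21:161
2012-11-27T09:14:09 udp 10.0.44.17:53211 -> 10.0.9.21:161
2012-11-27T09:15:30 tcp 10.0.44.17:49822 -> 10.0.9.21:9100
2012-11-27T09:16:45 udp 192.0.2.77:60001 -> 10.0.9.30:161
2012-11-27T09:17:00 udp 10.0.9.5:38000 -> 10.0.9.30:161
malformed line that should be skipped
"""

FLOW_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<proto>\w+)\s+(?P<src>[\d.]+):(?P<sport>\d+)"
    r"\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)$")


def in_any(addr, nets):
    """True if addr falls inside at least one of the given networks."""
    return any(addr in net for net in nets)


def untrusted_snmp_flows(log_text, printers=PRINTER_NETS, trusted=TRUSTED_SOURCES):
    """Return (timestamp, source, printer) for SNMP flows that reach a
    printer from a source outside the trusted allow-list."""
    hits = []
    for line in log_text.splitlines():
        m = FLOW_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed format
        if m["proto"].lower() != "udp" or int(m["dport"]) != SNMP_PORT:
            continue  # only SNMP agent traffic is of interest here
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # address-shaped text that is not a valid IP
        if in_any(dst, printers) and not in_any(src, trusted):
            hits.append((m["ts"], str(src), str(dst)))
    return hits


if __name__ == "__main__":
    for ts, src, dst in untrusted_snmp_flows(SAMPLE_FLOWS):
        print(f"{ts} SNMP to printer {dst} from untrusted source {src}")
```

Any hit means the filtering in front of the printers is not limiting SNMP to the intended hosts and should be tightened.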

This is not the first time serious vulnerabilities have been found in printers. Last year, two Columbia University researchers discovered a weakness in the remote code update feature of HP LaserJet printers that could have allowed attackers to take complete control of the devices.
