toggle

AAPL Stock: 121.3 ( -1.07 )

Printed from http://www.macnn.com

US-CERT: Samsung printers vulnerable to remote attack

updated 02:13 am EST, Fri November 30, 2012

Flaw in Samsung's SNMP implementation to blame for exploit

Printers manufactured by Samsung have been found to have a glaring security weakness -- most all models built before October 31, 2012 have a backdoor administrator account that could enable attackers to modify configurations, read network information, access stored credentials, and potentially execute malicious code. The SNMP account in the printers reportedly has full read and write permissions, and remains accessible to network assault even when turned off using the printer's maintenance utility.

The US Computer Emergency Readiness Team (US-CERT) said in a report about the flaw that "Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices." The group recommends that users restrict access to the printers, allowing SNMP access only from trusted host IP addresses, MAC address filtering, or only allowing access from network segments known to be safe, which would limit the ability of hackers to use the hardcoded credentials.

US-CERT did not publicize a list of affected printers, but noted that Dell-branded printers manufactured by Samsung were affected by the flaw as well. Disabling SNMPv1 and 2 on a network-level will prevent this exploit from being executed. SNMPv3 mode is considered secure.




by MacNN Staff

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

HP 14-x030nr 14-inch Chromebook

If you're like us, chances are you've come to realize that you need the ability to access the Internet on the go. Also, you've prob ...

15-inch MacBook Pro with Force Touch

Apple's 15-inch Retina MacBook Pro continues to be a popular notebook with professional users and prosumers looking for the ultimate ...

Typo keyboard for iPad

Following numerous legal shenanigans between Typo -- a company founded in part by Ryan Seacrest -- and the clear object of his physica ...

toggle

Most Commented