From SANS NewsBites

--Hardcoded Admin Account in Some Samsung Printers Poses Security Risk
(November 28 & 29, 2012)
The US Computer Emergency Response Team (US-CERT) is warning consumers
that firmware in some Samsung printers contains a hardcoded backdoor
account that could be exploited to allow remote access to affected
networks. The administrative account does not require access
verification and cannot be disabled by users. The issue affects Samsung
products released prior to October 31, 2012. The company plans to issue
"updated firmware for all current models by November 30, with all other
models receiving an update by the end of the year." The flaw could allow
attackers to read print jobs. The problem can be resolved by disabling
SNMP (simple network management protocol). Some Dell printers that are
manufactured by Samsung are also affected.
http://www.computerworld.com/s/article/9234118/Samsung_to_issue_firmware_fix_for_printer_security_flaw_on_Friday?taxonomyId=17
http://www.zdnet.com/researcher-reveals-backdoor-access-in-samsung-printers-7000008013/
http://www.informationweek.com/security/vulnerabilities/samsung-printers-have-hidden-security-ri/240142715
http://news.cnet.com/8301-1009_3-57555820-83/some-samsung-printers-vulnerable-to-hackers/
http://www.kb.cert.org/vuls/id/281284
[Editor's comment (Northcutt): Friends don't let friends use Samsung
printers; they apparently forget to sign their printer drivers from time
to time making it hard to protect systems with end-point white listing
software (and please do not write me with instructions on how to sign
the drivers myself, that misses the point):
http://aaron-kelley.net/blog/2012/10/installing-the-samsung-ml-1210-printer-driver-on-windows-8/
http://techblog.mirabito.net.au/?p=68
(Honan): Network attached devices such as printers, scanners, and
photocopiers have embedded operating systems and large storage
capacities installed on them which if accessed by unauthorised users
could reveal a lot of sensitive information; many are also accessible
via the Internet. A search on the Shodan website for keywords relating
to network attached printers came back with over 30,000 hits.]

Lee Duynslager
LD
Information Technology
Department of Plant, Soil and Microbial Sciences
578 Wilson Rd., 
Rm 207 Center for Integrated Plant Systems
East Lansing, MI 48823-1311
432-5296