Certain printers created by Samsung feature a hardcoded account that leaves them open to potential hacks.
Samsung printers, and some Dell printers made by Samsung, have a hardcoded account that could let an attacker take control of the devices and access information on them, according to US-CERT (United States Computer Emergency Readiness Team).
Such printers contain a hardcoded SNMP (Simple Network Management Protocol) community string that grants both read and write access. It stays active even if the user disables the network protocol.
"A remote, unauthenticated attacker could access an affected device with administrative privileges," US-CERT said. "Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and the ability to leverage further attacks through arbitrary code execution."
Samsung responded by confirming it is aware of the flaw, with printers released after October 31 apparently not containing the security hole. A patch for the affected devices will be released by year's end.
US-CERT advises those potentially affected to set their firewalls to allow connections only from trusted hosts and networks. A Samsung spokesperson told CNET that the issue affects only printers that have SNMP enabled, and that disabling the protocol resolves the problem.
Samsung's suggested fix, however, appears to contradict the information US-CERT provides in its security note. The technology giant clarified:
We take all matters of security very seriously and we are not aware of any customers who have been affected by this vulnerability. Samsung is committed to releasing updated firmware for all current models by November 30, with all other models receiving an update by the end of the year. However, for customers that are concerned, we encourage them to disable SNMPv1,2 or use the secure SNMPv3 mode until the firmware updates are made. For further information, customers may contact Samsung customer service at 1-866-SAM4BIZ for business customers or 1-800-SAMSUNG for consumers.
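One way to check both mitigations mentioned above against captured UDP/161 traffic, as an added example that is not from the article, US-CERT or Samsung: it reads only the version field of each SNMP message and flags requests that come from outside a trusted range or that use community-based SNMPv1/v2c. The addresses, the placeholder community `example` and all function names are constructed for illustration.

```python
import ipaddress
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}

def snmp_version(payload: bytes):
    """Return msgVersion of a BER-encoded SNMP message, or None if it is not one."""
    if len(payload) < 5 or payload[0] != 0x30:           # outer SEQUENCE tag
        return None
    pos, length = 2, payload[1]
    if length & 0x80:                                    # long-form BER length
        n = length & 0x7F
        if not 1 <= n <= 4 or len(payload) < 2 + n:
            return None
        pos, length = 2 + n, int.from_bytes(payload[2:2 + n], "big")
    if (length < 3 or pos + length > len(payload)        # truncated datagram
            or payload[pos:pos + 2] != b"\x02\x01"):     # or no one-byte INTEGER
        return None
    return payload[pos + 2] if payload[pos + 2] in VERSIONS else None

def audit(datagrams, trusted):
    """datagrams: (src, dst, UDP/161 payload); trusted: CIDRs allowed to manage printers."""
    nets = [ipaddress.ip_network(c) for c in trusted]
    findings = []
    for src, dst, payload in datagrams:
        ver = snmp_version(payload)
        if ver is None:
            continue                                     # not SNMP, ignored here
        reasons = []
        if not any(ipaddress.ip_address(src) in n for n in nets):
            reasons.append("source outside trusted networks")
        if ver in (0, 1):
            reasons.append("community-based SNMP, no SNMPv3 security")
        if reasons:
            findings.append((src, dst, VERSIONS[ver], reasons))
    return findings

def _msg(version, rest_hex):                             # builds the constructed samples
    body = bytes([0x02, 0x01, version]) + bytes.fromhex(rest_hex)
    return bytes([0x30, len(body)]) + body
# Constructed traffic: documentation addresses, placeholder community "example".
GET = "04076578616d706c65a019020101020100020100300e300c06082b060102010101000500"
V3 = ("300d020101020205dc0401040201030410300e0400020100020100040004000400"
      "301104000400a00b0201010201000201003000")
SAMPLES = [("192.0.2.10", "192.0.2.50", _msg(1, GET)),
           ("203.0.113.7", "192.0.2.50", _msg(0, GET)),
           ("192.0.2.10", "192.0.2.50", _msg(3, V3)),
           ("203.0.113.7", "192.0.2.50", _msg(3, V3)),
           ("198.51.100.9", "192.0.2.50", b"\x00\x01not-snmp")]
if __name__ == "__main__":
    print(*audit(SAMPLES, ["192.0.2.0/28"]), sep="\n")
```

The parser stops at the version field, so the community string itself is never read or logged.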
A Bad Day: Is Samsung going to email every customer affected? Because I'm pretty sure there are some people who don't even know that there's a Windows 8.

Never knew Samsung made printers.
Hope their refrigerators don't get hacked. Have ice cubes shooting out :p

Thunderfox: The most likely thing I can see this being used for is to print trollfaces on random people's printers.

rantoc (quoting memadmax: "Why would someone hack a printer for?"):
Networked devices with their own SoC could be used for any number of applications. Rewrite the firmware and voila it's a tad more than a printer....

freggo: Now the Nigerians can hack your printer and when you come to the office you find a half dozen certificates of selected Swiss funds available for withdrawal.
The submit form for the transfer taxes will also have been printed for your convenience :-)

One more reason not to buy Samsung. It took them three months to replace a defective printer cartridge (kept failing to send, sent to wrong address, etc...). They also failed to promptly patch a bug on their hard drive controller which caused them to lock up. After these two incidents I swore I would never buy another Samsung product.

spartanmk2 (quoting brickman: "Never knew Samsung made printers. Hope their refrigerators don't get hacked. Have ice cubes shooting out"):
Yeah I haven't seen Samsung printers either, that is HP territory (one of the few things HP makes that aren't that bad)