Friday, November 30, 2012

Samsung printers have hardcoded backdoor account

Printers made by Samsung have a hardcoded backdoor account in their firmware, that could allow attackers to change their configuration, read network status and information and access sensitive user information.

computerworld reports:

"The hardcoded account does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface of the affected printers, the U.S. Computer Emergency Readiness Team (US-CERT) said in a security advisory.

SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices.

The SNMP account found in Samsung printers has full read and write permissions and remains accessible even if SNMP is disabled using the printer's management utility, US-CERT said.

"Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and the ability to leverage further attacks through arbitrary code execution," the organization said.

It's not just Samsung-branded printers that contain the administrative account, but also some Dell-branded printers manufactured by Samsung."

not cool

more here

No comments:

Post a Comment