Printer Security Hardware

Hardcoded Administrator Account Opens Backdoor Access To Samsung Printers

Posted by Soulskill
from the apple-probably-suing-for-patent-infringement dept.
hypnosec writes "A new flaw has been discovered in printers manufactured by Samsung whereby a backdoor in the form of an administrator account would enable attackers not only to take control of the flawed device, but also to attack other systems in the network. According to a warning on US-CERT, the administrator account is hard-coded in the device in the form of an SNMP community string with full read-write access. The backdoor is not only present in Samsung printers but also in Dell printers that have been manufactured by Samsung. The administrator account remains active even if SNMP is disabled from the printer's administration interface."

  • by RocketRabbit (830691) on Tuesday November 27, 2012 @06:28PM (#42110267)

    What about the Samsung backdoor into your phones?

  • Silver Lining? (Score:2, Interesting)

    by CanHasDIY (1672858) on Tuesday November 27, 2012 @06:33PM (#42110317) Homepage Journal

    Because of full read-write access, the data that passes through the printer is at risk of being disclosed.

    Question: Does anyone know if this exploit could be used to alter/remove the tracking dots [seeingyellow.com] every color laser printer marks its documents with?

  • Re:Silver Lining? (Score:2, Interesting)

    by CanHasDIY (1672858) on Tuesday November 27, 2012 @06:49PM (#42110495) Homepage Journal

    Question: Does anyone know if this exploit could be used to alter/remove the tracking dots every color laser printer marks its documents with?

    No need. Following a link from the page you posted shows Samsung doesn't have tracking dots [eff.org].

    Have to take your word for it, as the firewall here blocks the EFF's website...

  • Old news to Dell (Score:2, Interesting)

    by Anonymous Coward on Tuesday November 27, 2012 @06:53PM (#42110535)

    We have a few Dell 1720's and they have this issue. SNMP public is read/write on these printers even if you turn it off. We discovered this back in 2011 during an internal network security audit. The risk is pretty low for us because we have adequate network controls, but we asked Dell technical support about this and they told us that because the printers were so old there was no hope of a firmware fix; they actually first said it was a feature before I called their BS.

    Anyway, they didn't even have to research it. They had it right in their KB. If it was on for the old printers and they didn't fix it on newer printers then someone dropped the ball (or wanted to keep the "feature").
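
Both the summary and the comment above say the SNMP agent keeps answering after SNMP is switched off in the admin interface, so the setting has to be verified on the wire. The following audit check is an added example, not part of the story or of any commenter's post: it sends one read-only SNMPv1 GetRequest for sysDescr.0 and reports whether the device still replies. The function names are hypothetical, and the community string is an input (the page does not give the hard-coded one; the comment mentions `public`).

```python
import socket

SYS_DESCR = (1, 3, 6, 1, 2, 1, 1, 1, 0)  # sysDescr.0, a standard MIB-II object

def _tlv(tag, body):  # BER tag-length-value; short-form length (< 128) only
    return bytes([tag, len(body)]) + body

def build_get(community, oid=SYS_DESCR, request_id=1):
    """Encode an SNMPv1 GetRequest for one OID (all arcs must be < 128)."""
    name = _tlv(0x06, bytes([oid[0] * 40 + oid[1], *oid[2:]]))
    varbinds = _tlv(0x30, _tlv(0x30, name + _tlv(0x05, b"")))
    ints = _tlv(0x02, bytes([request_id])) + _tlv(0x02, b"\x00") * 2  # id, error-status, error-index
    pdu = _tlv(0xA0, ints + varbinds)
    return _tlv(0x30, _tlv(0x02, b"\x00") + _tlv(0x04, community.encode()) + pdu)

def _read(buf, pos):  # decode one TLV at pos; returns (tag, value, next_pos)
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def get_response_status(datagram):
    """Return the error-status of an SNMP GetResponse, or None if it is not one."""
    try:
        tag, msg, _ = _read(datagram, 0)
        _, _, pos = _read(msg, 0)          # version
        _, _, pos = _read(msg, pos)        # community
        pdu_tag, pdu, _ = _read(msg, pos)
        if tag != 0x30 or pdu_tag != 0xA2:
            return None
        _, _, pos = _read(pdu, 0)          # request-id
        _, status, _ = _read(pdu, pos)
        return int.from_bytes(status, "big")
    except IndexError:                     # truncated or non-BER datagram
        return None

def snmp_answers(host, community, timeout=2.0):
    """True if host:161/udp returns a GetResponse for this community."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_get(community), (host, 161))
            return get_response_status(s.recvfrom(4096)[0]) is not None
        except OSError:  # timeout or ICMP unreachable: no agent answered
            return False

# e.g. snmp_answers("192.0.2.10", "public") for a printer you administer (placeholder address)
```

Any GetResponse, even one carrying a non-zero error-status, means the agent is listening and accepted the community; a printer with SNMP disabled should time out.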
