Vulnerability Found in Samsung Printers Allowing Remote Hack

Vulnerability Found in Samsung Printers Allowing Remote Hack 

Bad news for those who are using Samsung and Dell-branded printers, as in an advisory U.S. Computer Emergency Readiness Team (US CERT) issued an warning that a hard coded administrative account could allow remote attackers to take control of their device. According to the vulnerability note (VU#281284)Samsung printers contain a hardcoded account that could allow a remote attacker to take control of an affected device. Samsung printers (as well as some Dell printers manufactured by Samsung) contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility. Manipulating the above vulnerability a remote, unauthenticated attacker could access an affected device with administrative privileges. Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and the ability to leverage further attacks through arbitrary code execution. 
Samsung and Dell have stated that models released after October 31, 2012 are not affected by this vulnerability. Samsung and Dell have also indicated that they will be releasing a patch tool later this year to address vulnerable devices.
Block Port 1118/udp
The reporter has stated that blocking the custom SNMP trap port of 1118/udp will help mitigate the risks.

Restrict Access:
As a general good security practice, only allow connections from trusted hosts and networks. Restricting access would prevent an attacker from accessing an SNMP interface using the affected credentials from a blocked network location.

While talking about vulnerabilities in Printer, then we would like to remind you that late in last year Columbia University Researchers have discovered a vulnerability in some Hewlett-Packard (HP) LaserJet printer lines that could allow attackers to install a modified firmware to steal information, run attacks from within a network or cause physical damage to the printer. Later HP issued firmware to fix those security hole.


Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

Related Posts Plugin for WordPress, Blogger...