US-CERT Warns of Samsung Printer Vulnerability
Printers released after October 31 of this year are not affected.
The United States Computer Emergency Readiness Team (US-CERT) recently warned that Samsung printers contain a hardcoded account that could be leveraged to execute arbitrary code.
"The hardcoded account does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface of the affected printers ... SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices," writes PCWorld's Lucian Constantin.
"This account continues to permit access to the device even if SNMP functions are disabled in the printer's management utility," writes ZDNet's Michael Lee. "Some Dell printers manufactured by Samsung are also affected."
"Besides putting the printers and data passing through these devices at risk, the backdoor is also endangering other systems on the network as it can enable attackers to execute arbitrary code," The H Security reports. "Therefore, these printers could be the weak points attackers can exploit to attack other devices on the network, US-CERT says."
"CERT suggests, as a workaround, that administrators allow only connections from trusted hosts and networks thus denying an attacker access to the SNMP interface using the hardcoded password," writes Threatpost's Michael Mimoso.
"Samsung is aware of the flaw and has said that printers released after October 31 of this year don't contain this weakness," writes CNET News' Lance Whitney.
"A patch will be released 'shortly,' Samsung and Dell have said," writes VentureBeat's John Koetsier.