dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
852
share rss forum feed


Stem Bolt
Aka Smiling Bob
Premium
join:2002-11-08
Cleveland, OH
kudos:2

3 recommendations

Samsung/Dell - Printer firmware contains a backdoor

»www.kb.cert.org/vuls/id/281284

quote:
Samsung printers (as well as some Dell printers manufactured by Samsung) contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility.

A remote, unauthenticated attacker could access an affected device with administrative privileges. Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and the ability to leverage further attacks through arbitrary code execution.
Solution

Samsung has stated that models released after October 31, 2012 are not affected by this vulnerability. Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices.


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17

Thanks for this, Stem Bolt See Profile



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to Stem Bolt

quote:
[...] The Register has asked Samsung representatives to confirm the existence of the back door and to explain which devices will need the patch.
Article

Also spotted: H-Online


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to Stem Bolt

Samsung to issue patch Friday



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

quote:
It, Samsung, is releasing updated firmware for all current models, with all other models receiving an update by the end of the year. Samsung did not name the models affected.
It would behoove Dell to have made a statement, this has not been forthcoming.
quote:
Some Samsung printers, including models the Korean company made for Dell, have a backdoor [...]