News Vulnerability Management

US-CERT: Samsung Printer Firmware Contains Backdoor

Tim Wilson

See more from Tim

Connect directly with Tim: Bio | Contact

Samsung printers contain a hard-coded account that could allow a remote attacker to take control

Tim Wilson November 29, 2012

Samsung printers manufactured before October of this year contain a backdoor account that could allow hackers to take control of them remotely, a researcher reported to US-CERT this week.

According to a vulnerability report made to US-CERT by researcher Neil Smith, Samsung printers -- as well as some Dell printers manufactured by Samsung -- contain a "hard-coded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility."

More Security Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

The Simple Network Management Protocol (SNMP) is used to monitor the status of remote devices.

Using this backdoor account, a remote, unauthenticated attacker could access an affected device with administrative privileges, according to US-CERT. Such access could enable an attacker to make changes to the device configuration, gain access to sensitive information -- such as device and network information, credentials, and information passed to the printer -- and execute further attacks through arbitrary code.

Samsung and Dell have stated that models released after Oct. 31, 2012, are not affected by this vulnerability. Both companies said they will be releasing a patch tool later this year to address vulnerable devices.

Smith suggested that blocking the custom SNMP trap port of 1118/udp will help mitigate the risks posed by the backdoor.

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Tim Wilson

See more from Tim

Connect directly with Tim: Bio | Contact

Dark Reading Discussions

Start the Discussion

To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.

Follow Dark Reading

Dark Reading Reports

How Attackers Choose Which Vulnerabilities To Exploit

In the increasingly complex world of information security, it's important for security professionals to be able to understand not only how their organization's systems and data may be compromised but why. In this Dark Reading report we examine why certain vulnerabilities are exploited, by whom and with what. We also provide recommendations for getting out infront of hackers by using some of the same tools and strategies they do.
Assessing Risk and Prioritizing Vulnerability Remediation

Vulnerability remediation is a never-ending process, but, even so, security pros can't plug every hole in every asset and application. The key is to determine which vulnerabilities are most likely to be exploited and the effects such exploits would have on the business. To do this, security pros must know the business and its technology usage and needs intimately, a process that must involve stakeholders across the organization. In this report we recommend the steps that should be taken to determine the risk of vulnerabilities and the lengths to which remediation can and should go.
Finding Vulnerabilities By Attacking Your Own Environment

Vulnerability scans are valuable, but you have to think and act like a hacker if you want to truly understand the ways in which your organization could be compromised. In this report, Dark Reading recommends the tools and methodologies that can be used to test your organization's security.

Other reports from the Vulnerability Management Tech Center:

Related Content

Sponsored by

Mobile Devices Drive Majority of Endpoint Security Concerns

The results of the 2013 State of the Endpoint study tracked endpoint risk in organizations, the resources to address the risk and the technologies deployed to manage threats. This study reveals that the state of endpoint risk is not improving and one of the top concerns is the proliferation of personally owned mobile devices in the workplace such as smart phones and iPads. Download "Mobile Devices Drive Majority of Endpoint Security Concerns" to review some of the most noteworthy survey findings, address the difficulties in managing the endpoint risk, and review recommendations to make improvements.
IT Pros Guide to Data Protection: Top 5 Tips to Securing Data in the Modern Organization

Ready your organization for more robust data protection measures by first implementing these five steps to improve data security in a business- and cost-effective manner.
Best Practice Guide to Addressing Web 2.0 Risks

With the rise of user-generated content, social networks and readily available information offered by the Web 2.0-enabled workplace, users are more connected to people and ideas than ever before. This new level of connectivity also introduces significant risk. Organizations need to find the proper balance of risk vs. productivity through improved policy, controls and education of users.
Closing the Antivirus Protection Gap: A Comparative Study on Effective Endpoint Protection Strategies

Corporate economic concerns have put increased pressure on already limited IT resources in recent years as the onslaught of malware and sophistication of cyber attacks continues to grow at exponential rates. As a result, 50% of endpoint operating costs are directly attributable to malware,1 yet, corporate IT budgets are still focused on maintaining stand alone antivirus as the keystone in endpoint security. In this paper, we will benchmark the effectiveness of standalone AV and O/S resident patching solution versus newer technologies and a defense-in-depth of approach of layering multiple endpoint security and operational technologies together.
Lumension Guide to Device Control Best Practices

USB flash drives and other removable storage devices continue to proliferate throughout organizations. This could result in the loss or theft of your sensitive corporate and customer data, or in the propagation of malware like Stuxnet. Fortunately, powerful data protection tools are now available to help mitigate these risks, while still enabling flexible and managed use of these productivity devices. Learn about the best practices for deploying device control within your environment. Walk away with the recommended process to successfully prepare, enforce and manage the use of removable devices and media, and to protect your sensitive data.

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Dark Reading May 2013 Digital Supplemental Issue

Back Issues

In This Issue

The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.

Download Now

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Security

Protect The Business - Enable Access

News Vulnerability Management

US-CERT: Samsung Printer Firmware Contains Backdoor

Samsung printers contain a hard-coded account that could allow a remote attacker to take control

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

How Attackers Choose Which Vulnerabilities To Exploit

Assessing Risk and Prioritizing Vulnerability Remediation

Finding Vulnerabilities By Attacking Your Own Environment

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue

News Vulnerability Management

US-CERT: Samsung Printer Firmware Contains Backdoor

Samsung printers contain a hard-coded account that could allow a remote attacker to take control

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Related Content

Dark Reading Newsletter

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue