Printers manufactured by Samsung have an administrator account (backdoor) hardcoded in their firmware that could allow attackers to change settings, view network information or stored credentials, and access sensitive information sent to the printers by users.
The hardcoded account does not require authentication and can be accessed via the Simple Network Management Protocol (SNMP) interface of the affected printers, the United States Computer Emergency Readiness Team (US-CERT) said in a security advisory.
SNMP is an Internet protocol used to monitor and read the statistics of network-connected devices. The account found in the SNMP interface of Samsung printers has full read and write permission and remains accessible even if SNMP is turned off using the printer management utility, US-CERT said.
“Secondary impacts include: the ability to make configuration changes to the device, access to sensitive information (e.g., device information, network credentials and the information transmitted to the printer), and the ability to launch more attacks by executing arbitrary code,” the organization said.
The administrative account is present not only in Samsung-branded printers, but also in some Dell-branded printers manufactured by Samsung.
US-CERT did not provide an exact list of printer models affected by the problem, but said that, according to Samsung, models released after October 31, 2012 are not vulnerable. “Samsung has also confirmed it will release a patch later this year to address the vulnerable devices,” the organization said.
US-CERT recommends that users follow security practices and restrict access to printers. Allowing access to SNMP interfaces only from trusted hosts or network segments limits the ability of attackers to use the hardcoded credentials, the organization said.
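
Because the account reportedly stays reachable even when SNMP is turned off in the management utility, the restriction has to be verified at the network level. The following is an added example, not part of the advisory or the original article: it scans flow records for SNMP requests that reach printers from hosts outside a trusted list. The address ranges, the four-field record format and the sample records are all assumptions constructed for illustration.

```python
import ipaddress

# Assumptions (not from the advisory): example address ranges and a simple
# "src dst proto dport" flow-record format, all constructed for illustration.
TRUSTED_SOURCES = [ipaddress.ip_network("10.0.5.0/28")]   # management hosts
PRINTER_NETS = [ipaddress.ip_network("10.0.20.0/24")]     # printer VLAN
SNMP_PORTS = {161}                                        # SNMP agent port (UDP)

# Constructed sample records, including one malformed line.
SAMPLE_FLOWS = """\
10.0.5.3 10.0.20.15 udp 161
10.0.33.7 10.0.20.15 udp 161
10.0.33.7 10.0.20.15 tcp 9100
192.0.2.44 10.0.20.22 udp 161
10.0.5.9 10.0.40.1 udp 161
garbage line
"""


def _in_any(addr, nets):
    """True if addr falls inside any of the given networks."""
    return any(addr in net for net in nets)


def untrusted_snmp_flows(text):
    """Return (src, dst) pairs for SNMP requests that reach a printer from a
    source outside TRUSTED_SOURCES. Malformed records are skipped."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        src_s, dst_s, proto, dport_s = parts
        try:
            src = ipaddress.ip_address(src_s)
            dst = ipaddress.ip_address(dst_s)
            dport = int(dport_s)
        except ValueError:
            continue
        if proto.lower() != "udp" or dport not in SNMP_PORTS:
            continue
        if _in_any(dst, PRINTER_NETS) and not _in_any(src, TRUSTED_SOURCES):
            hits.append((src_s, dst_s))
    return hits


if __name__ == "__main__":
    for src, dst in untrusted_snmp_flows(SAMPLE_FLOWS):
        print(f"SNMP to printer {dst} from untrusted source {src}")
```

Any hit means the filtering in front of the printers is not limiting SNMP to the trusted hosts or segments.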