Serious Security Holes Exposed in Samsung, HP and Dell Printers, Researchers Say

Samsung printers were deemed vulnerable after researchers discovered a hard-coded backdoor administrator account that could enable attackers to rewrite firmware or read network information.

The account can be accessed via the Simple Network Management Protocol interface and enables intruders to collect information from any device tied in to the network. The same security advisory emphasizes that Dell printers manufactured by Samsung are prone to the same vulnerability, enabling arbitrary code execution.

“A remote, unauthenticated attacker could access an affected device with administrative privileges,” according to the security advisory. “Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and the ability to leverage further attacks through arbitrary code execution.”

A team of researchers at Columbia University also found Hewlett-Packard LaserJet printers vulnerable, using the Remote Firmware Update feature to overwrite the printers’ off-the-shelf firmware. Although an HP spokesperson stated that “newer printers do require digitally signed firmware upgrades, and have since 2009”, the two researchers from Columbia University said that printers already compromised cannot be fixed.

“If and when HP rolls out a fix, if a printer is already compromised, the fix would be completely ineffective. Once you own the firmware, you own it forever. That’s why this problem is so serious, and so different,” said Columbia researcher Ang Cui. “This is nothing like fixing a virus on your PC.”

Since company printers are often tied in to local networks, the findings prove that previously unexplored attack vectors could lead to serious repercussions. US-CERT believes a viable solution to avoid such attacks would be to restrict access to the SNMP interface.

About the author


Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he's always ready to write about what's hot and trendy out there in geek universe.