Samsung to issue firmware fix for printer security flaw on Friday

http://www.computerworld.com/s/article/9234118/Samsung_to_issue_firmware_fix_for_printer_security_flaw_on_Friday

By John Ribeiro IDG News Service November 29, 2012

Samsung Electronics will close a security hole in the firmware of some of its printers by issuing an update on Friday, and said they could be protected by disabling SNMP.

The affected printers have a backdoor administrator account hard-coded in their firmware that does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface, the U.S. Computer Emergency Readiness Team (US-CERT) said earlier this week in an advisory.

The affected Samsung printers, and some Dell printers made by Samsung, contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility, US-CERT said.

SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices.

[…]

______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail