Here's another Printer Network Backdoor to watch out for...
Vulnerability Note VU#281284
Samsung Printer firmware contains a hardcoded SNMP community string
Samsung printers contain a hardcoded SNMP community string that could allow a remote attacker to take control of an affected device.
Samsung printers (as well as some Dell printers manufactured by Samsung) contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility.
A remote, unauthenticated attacker could access an affected device with administrative read/write privileges. Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and possibility the ability to leverage further attacks through arbitrary code execution.
Samsung and Dell have stated that models released after October 31, 2012 are not affected by this vulnerability. Samsung and Dell have also indicated that they will be releasing a patch tool later this year to address vulnerable devices.
Block Port 1118/udp
The reporter has stated that blocking the custom SNMP trap port of 1118/udp will help mitigate the risks.
Vendor Information (Learn More)
- News 11-29-12
- Hackaday Links: November 29th, 2012
- WASD Keyboards: Individual Custom Keycaps
- MSP430 Spectrum Analyzer - YouTube
- Through hole plating and milling at home
- MariaMole – an alternate Arduino IDE aimed at advanced users
- Best Free Software to Cut or Merge Audio Files
- General Assembly Grants Palestine Upgraded Status in U.N. - NYTimes.com
- Mercury Home to Ice, Messenger Spacecraft Findings Suggest - NYTimes.com
- U.S. Draws Blueprint for an AIDS-Free Generation
- How to Tie a Windsor Knot: 10 steps (with pictures) - wikiHow
- Most Accurate Projection of Polar Ice Melt Produced to Date
- A 60-Million-Year Debate on the Grand Canyon’s Age - NYTimes.com
- Gstaad Switzerland Vacation Travel Reviews - hotels, resorts and activities
- Researcher reveals backdoor access in Samsung printers | ZDNet