“Printers manufactured by Samsung have a backdoor administrator account hard coded in their firmware that could enable attackers to change their configuration, read their network information or stored credentials and access sensitive information passed to them by users,” Lucian Constantin reports for IDG News Service.
“The hardcoded account does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface of the affected printers, the U.S. Computer Emergency Readiness Team (US-CERT) said in a security advisory,” Constantin reports. “The SNMP account found in Samsung printers has full read and write permissions and remains accessible even if SNMP is disabled using the printer’s management utility, US-CERT said.”
Constantin reports, “‘Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and the ability to leverage further attacks through arbitrary code execution,’ the organization said. It’s not just Samsung-branded printers that contain the administrative account, but also some Dell-branded printers manufactured by Samsung.”
Read more in the full article here.
[Thanks to MacDailyNews Reader “Paul” for the heads up.]