Samsung, Dell printers contain admin backdoor hard coded in firmware

Got email marketing? We've got best practices from LivingSocial and estate sale guru Everything But The House in our next Insight webinar.

Oops. Samsung’s been a bad boy — or at minimum very, very careless.

The U.S. Computer Emergency Readiness Team (US-CERT) revealed that Samsung printers (and some Dell printers manufactured by Samsung) contain a hardcoded backdoor which could allow access to hackers, who could then make changes to the device, see information and data passed to the printer, and possibly use the printer as a vector for further attacks inside a company’s network.

The backdoor operates over SNMP, the simple network management protocol, and remains active even when SNMP is disabled. Even worse, it does not require any authentication … meaning that blackhats who are aware of the vulnerability can simply walk right in.

If you’ve just bought a printer, you’re likely safe: Models released after October 31st, 2012 are not affected. A patch will be released “shortly,” Samsung and Dell have said.

Vulnerable organizations that need a fix instantly, network administrators can block the custom SNMP port, CERT said. Another suggestion — and good network practice — is to only allow connections from trusted sources.

photo credit: alles-schlumpf via photopin cc

VB's research team is studying mobile user acquisition... Chime in here, and we’ll share the results.