Oops. Samsung’s been a bad boy — or at minimum very, very careless.
The U.S. Computer Emergency Readiness Team (US-CERT) revealed that Samsung printers (and some Dell printers manufactured by Samsung) contain a hardcoded backdoor which could allow access to hackers, who could then make changes to the device, see information and data passed to the printer, and possibly use the printer as a vector for further attacks inside a company’s network.
The backdoor operates over SNMP, the simple network management protocol, and remains active even when SNMP is disabled. Even worse, it does not require any authentication … meaning that blackhats who are aware of the vulnerability can simply walk right in.
If you’ve just bought a printer, you’re likely safe: Models released after October 31st, 2012 are not affected. A patch will be released “shortly,” Samsung and Dell have said.
Vulnerable organizations that need a fix instantly, network administrators can block the custom SNMP port, CERT said. Another suggestion — and good network practice — is to only allow connections from trusted sources.
VentureBeat is creating an index of the most exciting cloud-based services for developers. Take a look at our initial suggestions and complete the survey to help us build a definitive index. We’ll publish the official index later this month, and for those who fill out surveys, we’ll send you an expanded report free of charge. Speak with the analyst who put this survey together to get more in-depth information, inquire within.