Samsung printers contain hidden, hard-coded management account

https://www.flickr.com/photos/samsungtomorrow/7641624576/

Samsung printers released before October 31, 2012, have been found to contain a hard-coded account that could allow an attacker to remotely take control of the device.

As described in a vulnerability note released by the US Computer Emergency Response Team (CERT), affected printers have a Simple Network Management Protocol (SNMP) account programmed into their firmware. This account continues to permit access to the device even if SNMP functions are disabled in the printer’s management utility. Some Dell printers manufactured by Samsung are also affected.


Original news article at https://news.hitb.org/ on November 27, 2012 at 06:28AM