Researchers uncover over 35 vulnerabilities in six leading enterprise printers - Help Net Security

Researchers uncover over 35 vulnerabilities in six leading enterprise printers - Help Net Security

NCC Group researchers have uncovered significant vulnerabilities in six commonly used enterprise printers, highlighting the vast attack surface that can be presented by internet-connected printers.



The research


Daniel Romero, managing security consultant and research lead, and Mario Rivas, security consultant at NCC Group, tested multiple aspects of six mid-range enterprise printers, including web application and web services and firmware and update capability, as well as carrying out hardware analysis.


Testing of the printers, manufactured by HP, Ricoh, Xerox, Lexmark, Kyocera and Brother, uncovered a wide range of vulnerability types using basic tools, some of which date back thirty or forty years. Some vulnerabilities were also uncovered within minutes of starting the research.


The issues varied in severity. The potential impact of exploiting them ranged from denial of service attacks that could lead to the crash of printers, the addition ..

Support the originator by clicking the read the rest link below.