Researchers at Ruhr University Bochum in Germany say they’re discovered security vulnerabilities in some 20 popular brand-name network printers, including Brother International, Dell, HP Inc., Lexmark International, Samsung, and others.
Jens Müller and two other researchers at Ruhr University Bochum wrote about their findings – which they researched for about a year – this week in a blog post.
The researchers state that before performing attacks on the some 20 printers, they of course installed the newest firmware on each printer. They state that the “results of our evaluation show that we could find multiple attacks against each printer. For example, simple DoS (denial of service) attacks with malicious PostScript files containing infinite loops are applicable to each printer. Only the HP LaserJet M2727nf had a watchdog mechanism and restarted itself after about 10 minutes. Physical damage could be caused to about half of the tested device within 24 hours of NVRAM stressing. For a majority of devices, print jobs could be manipulated or captured.” The researchers state that physical damage can include physically destroying the printer.
Other attacks might involve hacking of the printer’s page description language, and enabling permanent modifications that could lead to attacks involving manipulating users’ print jobs – such, as for instance, overlaying objectionable graphics or photos to be printed, or even to replace text in print jobs “by redefining the ‘showpage’ and ‘show’ PostScript operators.”
The chart below summarizes the researchers’ findings:
As can be seen, with several printers, print-jobs can potentially be obtained as they’re being sent to the printer; printers can potentially be re-set to their factory defaults’ and, in some case, hackers could obtain an enterprise’s network credentials in order to gain considerable access into the organization.
The research team importantly notes that, because of financial obstacles,” it selected printers obtained from various university chairs and facilities,” seeking to obtain “”at least one model for each of the top ten manufacturers, we practically took what we could get.”
Complete results of the researchers’ findings are available here.
- January 2017: HP: Battle Hackers with these Printer Security Solutions
- December 2016: HP Redesigns MPS to Protect Networked Copier/MFPs, Printers Now Pre-Configured for Security
- October 2016: Two Security Vulnerabilities Found in Lexmark MarkVision Enterprise Fleet-Management Application
- September 2016: A Closer Look at HP’s New LaserJet and PageWide MFPs Said to Feature Better Reliability, Monitoring, Security, and More
- May 2016: New Samsung Server-Less Business Core 2.0 Apps for Document Workflows, Print Tracking and Security
- September 2015: This Week in Imaging: Printer and MFP/Copier Security Isn’t Just for Large Enterprises
- September 2015: The Internet of Things – Including Printers – Poses Significiant Security Risks, Warns FBI
- June 2015: HP Enhances Printer-Security Solutions, Adds New Proactive Print Advisor Service
- April 2015: New HP Suite of Security Solutions Includes Threat Detection, User Profiling, Cloud Protection
- September 2014: HP Locks Down Printers with New Security Features, Advisory Services, ArcSight Printer Integration, Cloud Pull Print, More