Ricoh Says Nearly All Copier/MPFs Not Vulnerable to Fax Security Hack

Ricoh Company of Japan yesterday issued a security alert regarding a fax security vulnerability identified by researchers at Check Point Software Technologies last week.

With this fax vulnerability, researchers exploited the fax protocol of several HP Inc. All-in-Ones  to take control of the device by sending a fax via telephone line and then gained access to the connected network.

A company’s fax number is the only thing required to carry out the attack. The researchers at Check Point stated that they used HP Inc. All-in-Ones as their test case, and cooperated with HP to ensure a patch for the vulnerability was provided for HP products. But they noted similar attacks could apply to other vendors, as the vulnerability lies in the fax protocol itself, which could enable hackers to gain access to a company’s entire network.

The hack works by sending an image file through the phone line — or a file that the fax machine thinks is an image file — and that is coded to contain malicious software. When a company receives the photo, the image is decoded and uploaded into the fax-printer’s memory, allowing hackers to take over the device and spread the malicious code through the network.

Ricoh Response

Ricoh noted that because the vulnerability is part of the fax protocol itself, it’s suspected that devices from other manufacturers may also be susceptible to this kind of attack.

However, Ricoh  stated that its copier/MFPs aren’t affected by this vulnerability because its fax implementation doesn’t include the JPEG processing exploited in this case.

The remaining Ricoh devices listed below are currently under investigation.

  • SP 3600SF/3610SF
  • Aficio SP 1200SF
  • Aficio SP 4410SF/4420SF

Ricoh stated that it will continue to monitor this situation and take any appropriate action necessary to ensure the security of our devices. It will issued an update on the matter on August 29th.

A Ricoh spokesperson stated that 97-percent of Ricoh copier/MFPs are not vulnerable to the fax hack, and that Ricoh is investigating the remaining three percent.

Editor’s Note: This article has been updated for clarity.

%d bloggers like this: