Ricoh Says All MFPs Free of Fax-Hack Vulnerability

Ricoh Company of Japan this week issued a notice stating that its copier/MFPs are not affected by a fax security vulnerability because its fax implementation does not include the JPEG processing exploited in the hack.

 The fax security vulnerability was identified by researchers at Check Point Software Technologies  earlier this month.

With this fax vulnerability, researchers exploited the fax protocol of several HP Inc. MFPs/All-in-Ones  to take control of the device by sending a fax via telephone line and then gained access to the connected network.

A company’s fax number is the only thing required to carry out the attack. The researchers at Check Point stated that they used HP Inc. All-in-Ones as their test case, and cooperated with HP to ensure a patch for the vulnerability was provided for HP products. But they noted similar attacks could apply to other vendors, as the vulnerability lies in the fax protocol itself, which could enable hackers to gain access to a company’s entire network.

The hack works by sending an image file through the phone line — or a file that the fax machine thinks is an image file — and that is coded to contain malicious software. When a company receives the photo, the image is decoded and uploaded into the fax-printer’s memory, allowing hackers to take over the device and spread the malicious code through the network.

Ricoh had previously stated that it was still investigating three MFPs – theSP 3600SF/3610S, Aficio SP 1200S, and Aficio SP 4410SF/4420SF – but now states that all models are free of the vulnerability.

The firm explained that its MFPs are not affected by the vulnerability because its fax implementation doesn’t include the JPEG processing exploited in this case.

It also stated: “We continue to study security trends and take all appropriate action necessary to ensure the security of our devices.”



%d bloggers like this: