The United States Computer Emergency Readiness Team (US-CERT) has reported a security vulnerability in various Samsung printers and Dell-branded printers manufactured by Samsung that could allow an attacker to remotely take control of the device.
In other words, the printers have a backdoor admin account embedded into their firmware that doesn\’t require authentication to access. Thus, a hacker could gain control of the printer, and use his unwarranted admin privileges to access information, the printer\’s configuration, and other sensitive data.
US-CERT didn\’t specify which printers can be exploited in this manner, although Dell and Samsung did say that the vulnerability cannot be found on printers manufactured after October 31, 2012.
Dell has already released a firmware update to address the issue, while Samsung will be releasing a patch tool of its own this Friday. For now, though, the South Korean company is claiming that the exploit can be avoided by disabling the SNMP feature altogether, despite the fact that US-CERT\’s report says the exact opposite.