{"id":108372,"date":"2019-10-11T15:36:57","date_gmt":"2019-10-11T19:36:57","guid":{"rendered":"http:\/\/rbach.net\/index.php\/"},"modified":"2023-06-08T17:42:12","modified_gmt":"2023-06-08T21:42:12","slug":"how-secure-are-your-printers","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/how-secure-are-your-printers\/","title":{"rendered":"How Secure are Your Printers?"},"content":{"rendered":"<p><a href=\"https:\/\/web.archive.org\/web\/20240707034050\/https:\/\/etc.usf.edu\/clipart\/44800\/44880\/44880_guten_press.htm\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-108395\" title=\"How Secure are Your Printers?\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/print_press_guten-1.gif?resize=91%2C90&#038;ssl=1\" alt=\"How Secure are Your Printers?\" width=\"91\" height=\"90\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/print_press_guten-1.gif?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/print_press_guten-1.gif?resize=75%2C75&amp;ssl=1 75w\" sizes=\"auto, (max-width: 91px) 100vw, 91px\" \/><\/a>Printers are under the security microscope again. Printers are IoT devices that sit on the network and never get updated. I have covered some of the problems that printers cause <a href=\"https:\/\/wp.me\/p2wgaW-5r7\" target=\"_blank\" rel=\"noopener noreferrer\">a number<\/a> <a href=\"https:\/\/wp.me\/p2wgaW-5r7\" target=\"_blank\" rel=\"noopener noreferrer\">of times<\/a> on the <a href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Bach Seat<\/em><\/a>. 
And now <strong>more vulnerabilities<\/strong> have been identified by UK-based security consultancy <a href=\"https:\/\/www.nccgroup.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">NCC Group<\/a> in six <strong>popular enterprise printers<\/strong>.<\/p>\n<h3>Vulnerabilities in printers<\/h3>\n<p><a href=\"https:\/\/www.nccgroup.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-108400\" title=\"NCC Group logo\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/nccgroup_logo.png?resize=70%2C70&#038;ssl=1\" alt=\"NCC Group logo\" width=\"70\" height=\"70\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/nccgroup_logo.png?resize=75%2C75&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/nccgroup_logo.png?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/nccgroup_logo.png?w=200&amp;ssl=1 200w\" sizes=\"auto, (max-width: 70px) 100vw, 70px\" \/><\/a>The research team was made up of Daniel Romero, managing security consultant and research lead, and Mario Rivas, security consultant at <strong>NCC Group<\/strong>. 
They identified several <strong>classes of vulnerabilities<\/strong> in printers, including:<\/p>\n<ul>\n<li><strong>Denial of service<\/strong> attacks that could crash printers.<\/li>\n<li>The ability to add back-doors into printers to maintain attacker persistence on a network.<\/li>\n<li>The ability to <strong>spy on every print job<\/strong> sent to vulnerable printers.<\/li>\n<li>The ability to <strong>forward print jobs to an external<\/strong> internet-based attacker.<\/li>\n<\/ul>\n<p>Matt Lewis, research director at NCC Group, <a href=\"https:\/\/www.computerweekly.com\/news\/252468138\/NCC-Group-warns-of-security-risks-of-leading-printers?vgnextfmt=print\" target=\"_blank\" rel=\"noopener noreferrer\">told\u00a0<\/a> <a href=\"https:\/\/www.computerweekly.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><em>ComputerWeekly<\/em><\/a>,<\/p>\n<p style=\"text-align: justify; padding-left: 30px;\"><em>Because printers have been around for decades, they\u2019re not typically regarded as enterprise IoT [internet of things devices], yet they are embedded devices that connect to sensitive corporate networks and therefore demonstrate the potential risks and security vulnerability posed by enterprise IoT.<\/em><\/p>\n<h3>Who to blame<\/h3>\n<p>There is plenty of blame to share for most of these latest vulnerabilities. Mr. 
Lewis says the manufacturers are causing these problems by neglecting to build security into their products.<\/p>\n<p style=\"text-align: justify; padding-left: 30px;\"><em><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-108403\" title=\"Finger point for printer vulnerabilites\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Finger_Pointing-1.png?resize=129%2C80&#038;ssl=1\" alt=\"Finger point for printer vulnerabilites\" width=\"129\" height=\"80\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Finger_Pointing-1.png?resize=150%2C93&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Finger_Pointing-1.png?resize=75%2C47&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Finger_Pointing-1.png?w=698&amp;ssl=1 698w\" sizes=\"auto, (max-width: 129px) 100vw, 129px\" \/>Building security into the development life-cycle would mitigate most, if not all, of these vulnerabilities and so it\u2019s therefore important that manufacturers continue to invest in and improve cybersecurity, including secure development training and carrying out thorough security assessments of all devices<\/em>.<\/p>\n<p>End-users have to take some of the blame as well, according to NCC Group:<\/p>\n<p style=\"text-align: justify; padding-left: 30px;\"><em>Corporate IT teams can also make small changes to safeguard their organization from IoT-related vulnerabilities, such as changing default settings, developing and enforcing secure printer configuration guides, and regularly updating firmware.<\/em><\/p>\n<h3>Impacted printer models<\/h3>\n<p>The printers tested by the researchers were from HP, Ricoh, Xerox, Brother, Lexmark, and Kyocera.<\/p>\n<p><a href=\"https:\/\/www.hp.com\/\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-108396\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hp_logo.png?resize=70%2C70&#038;ssl=1\" alt=\"\" 
width=\"70\" height=\"70\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hp_logo.png?resize=75%2C75&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hp_logo.png?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hp_logo.png?w=750&amp;ssl=1 750w\" sizes=\"auto, (max-width: 70px) 100vw, 70px\" \/><\/a>The NCC Group found <a href=\"https:\/\/www.nccgroup.com\/uk\/our-research\/technical-advisories-multiple-vulnerabilities-in-HP-printers\/?research=Technical+advisories\" target=\"_blank\" rel=\"noopener noreferrer\">vulnerabilities<\/a> in <strong><a title=\"HP\" href=\"http:\/\/www.hp.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">HP<\/a> <\/strong>(<a title=\"NYSE : HPQ\" href=\"https:\/\/www.nyse.com\/quote\/XNYS:HPQ\" target=\"_blank\" rel=\"noopener noreferrer\">HPQ<\/a>) printers. The <a href=\"https:\/\/store.hp.com\/us\/en\/pdp\/hp-color-laserjet-pro-mfp-m281fdw?jumpid=cp_marketing:catalog:pdp\" target=\"_blank\" rel=\"noopener noreferrer\">Color LaserJet Pro MFP<\/a> <a href=\"https:\/\/store.hp.com\/us\/en\/pdp\/hp-color-laserjet-pro-mfp-m281fdw?jumpid=cp_marketing:catalog:pdp\" target=\"_blank\" rel=\"noopener noreferrer\">M281fdw<\/a> printers have buffer overflows, cross-site scripting (XSS) vulnerabilities, and a cross-site request forgery countermeasures bypass.<\/p>\n<p>HP has posted firmware updates to address potential vulnerabilities in some of its <strong>Color LaserJet series<\/strong>. 
&#8220;<em>HP encourages customers to keep their systems updated to protect against vulnerabilities,<\/em>&#8221; the company said in a statement.<\/p>\n<p><a href=\"https:\/\/www.lexmark.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-108398\" title=\"Lexmark logo\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/lexmark_logo.png?resize=60%2C60&#038;ssl=1\" alt=\"Lexmark logo\" width=\"60\" height=\"60\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/lexmark_logo.png?resize=75%2C75&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/lexmark_logo.png?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/lexmark_logo.png?w=400&amp;ssl=1 400w\" sizes=\"auto, (max-width: 60px) 100vw, 60px\" \/><\/a>The <a href=\"https:\/\/research.nccgroup.com\/2019\/05\/28\/technical-advisory-multiple-vulnerabilities-in-lexmark-printers\/\" target=\"_blank\" rel=\"noopener noreferrer\">vulnerabilities<\/a> in <strong><a href=\"https:\/\/www.lexmark.com\/en_us.html\" target=\"_blank\" rel=\"noopener noreferrer\">Lexmark<\/a><\/strong> <a href=\"https:\/\/www.lexmark.com\/en_us\/printer\/7944\/Lexmark-CX310dn\" target=\"_blank\" rel=\"noopener noreferrer\">CX310DN printers<\/a> NCC Group found include a denial of service vulnerability, information disclosure vulnerabilities, lack of cross-site request forgery countermeasures, and lack of account lockout.<\/p>\n<p>The NCC Group found <a href=\"https:\/\/research.nccgroup.com\/2019\/07\/08\/technical-advisory-multiple-vulnerabilities-in-kyocera-printers\/\" target=\"_blank\" rel=\"noopener noreferrer\">vulnerabilities<\/a> in <a title=\"Kyocera\" href=\"http:\/\/global.kyocera.com\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Kyocera<\/strong><\/a> (<a title=\"NYSE : KYO\" href=\"https:\/\/www.tradingview.com\/symbols\/OTC-KYOCY\/\" 
target=\"_blank\" rel=\"noopener noreferrer\">KYO<\/a>) <a href=\"https:\/\/www.kyoceradocumentsolutions.co.uk\/en\/products\/mfp\/ECOSYSM5526CDW.html\" target=\"_blank\" rel=\"noopener noreferrer\">Ecosys M5526cdw<\/a> printers. The security holes include buffer overflows, broken access controls, cross-site scripting vulnerabilities, and lack of cross-site request forgery countermeasures.<\/p>\n<p>NCC Group identified stack buffer overflows, heap overflows and information disclosure <a href=\"https:\/\/research.nccgroup.com\/2019\/07\/08\/technical-advisory-multiple-vulnerabilities-in-brother-printers\/\" target=\"_blank\" rel=\"noopener noreferrer\">vulnerabilities<\/a> in <a title=\"Brother\" href=\"http:\/\/www.brother-usa.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Brother<\/strong><\/a> (<a title=\"Brother Industries ltd\" href=\"https:\/\/www.tradingview.com\/symbols\/TSE-6448\/\" target=\"_blank\" rel=\"noopener noreferrer\">6448<\/a>) <a href=\"https:\/\/www.brother-usa.com\/products\/hll8360cdw\" target=\"_blank\" rel=\"noopener noreferrer\">HL-L8360CDW<\/a> printers.<\/p>\n<p>The <a href=\"https:\/\/research.nccgroup.com\/2019\/07\/08\/technical-advisory-multiple-vulnerabilities-in-ricoh-printers\/\" target=\"_blank\" rel=\"noopener noreferrer\">vulnerabilities<\/a> reported in <strong><a href=\"https:\/\/www.ricoh-usa.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ricoh<\/a><\/strong> (<a href=\"https:\/\/www.tradingview.com\/symbols\/OTC-RICOY\/\" target=\"_blank\" rel=\"noopener noreferrer\">RICOY<\/a>) <a title=\"SP C250DN\" href=\"https:\/\/www.ricoh-usa.com\/en\/products\/pd\/equipment\/printers-and-copiers\/printers\/sp-c250dn-color-laser-printer\" target=\"_blank\" rel=\"nofollow noopener\">SP C250DN<\/a> printers include buffer overflows, lack of account lockout, information disclosure vulnerabilities, denial of service vulnerabilities, lack of cross-site request forgery countermeasures, and hard-coded 
credentials.<\/p>\n<p><a href=\"https:\/\/www.xerox.com\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-108397\" title=\"Xerox logo\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/xerox-logo-e1570817866567-75x75.png?resize=71%2C70&#038;ssl=1\" alt=\"https:\/\/www.xerox.com\" width=\"71\" height=\"70\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/xerox-logo-e1570817866567.png?resize=75%2C75&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/xerox-logo-e1570817866567.png?resize=150%2C148&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/xerox-logo-e1570817866567.png?resize=768%2C760&amp;ssl=1 768w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/xerox-logo-e1570817866567.png?w=1016&amp;ssl=1 1016w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/xerox-logo-e1570817866567.png?w=960&amp;ssl=1 960w\" sizes=\"auto, (max-width: 71px) 100vw, 71px\" \/><\/a>NCC Group claims the <strong><a title=\"Xerox\" href=\"http:\/\/www.xerox.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Xerox<\/a><\/strong> (<a title=\"NYSE | XRX\" href=\"https:\/\/www.tradingview.com\/symbols\/NASDAQ-XRX\/\" target=\"_blank\" rel=\"noopener noreferrer\">XRX<\/a>) <a href=\"https:\/\/www.office.xerox.com\/en-us\/printers\/phaser-3320\" target=\"_blank\" rel=\"noopener noreferrer\">Phaser 3320<\/a> printer <a href=\"https:\/\/research.nccgroup.com\/2019\/07\/08\/technical-advisory-multiple-vulnerabilities-in-xerox-printers\/\" target=\"_blank\" rel=\"noopener noreferrer\">vulnerabilities<\/a> include buffer overflows, cross-site scripting vulnerabilities, lack of cross-site request forgery countermeasures, and lack of account lockout.<\/p>\n<p>All of the vulnerabilities discovered during this research have either been patched or are in the process of being patched by the relevant manufacturers. 
NCC Group recommends that system administrators update any affected printers to the latest firmware available, and monitor for any further updates.<\/p>\n<h6>Related articles<\/h6>\n<ul>\n<li><a href=\"https:\/\/web.archive.org\/web\/20221226110141\/https:\/\/www.wsj.com\/articles\/hp-has-no-easy-way-out-of-printer-jam-11570203437\" target=\"_blank\" rel=\"noopener noreferrer\">HP Has No Easy Way Out of Printer Jam <\/a> (<a href=\"https:\/\/www.wsj.com\/\">Wall Street Journal<\/a>)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><em><a title=\"Ralph Bach\" href=\"https:\/\/rbach.net\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a class=\"broken_link\" href=\"http:\/\/www.linkedin.com\/in\/rb48334\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. 
Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Update printers because vulnerabilities have been found in HP, Ricoh, Xerox, Brother, Lexmark, and Kyocera printers that can lead to APT, DOS,  and data theft<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3161,1165,2631,3360,3361,1748,168,944,3362,75,4,828],"class_list":["post-108372","post","type-post","status-publish","format-standard","hentry","category-security","tag-3161","tag-apt","tag-backdoor","tag-brother","tag-data-theft","tag-ddos","tag-hp","tag-iot","tag-ncc-group","tag-printer","tag-security","tag-xerox"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/108372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=108372"}],"version-history":[{"count":16,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/108372\/revisions"}],"predecessor-version":[{"id":132223,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/108372\/revisions\/132223"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=108372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=108372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=108372"}],"curies":[{"name":"wp","
href":"https:\/\/api.w.org\/{rel}","templated":true}]}}