Vulnerability Note VU#281284
Samsung Printer firmware contains a hardcoded SNMP community string
Samsung printers contain a hardcoded SNMP community string that could allow a remote attacker to take control of an affected device.
Samsung printers (as well as some Dell printers manufactured by Samsung) contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility.
A remote, unauthenticated attacker could access an affected device with administrative read/write privileges. Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and possibility the ability to leverage further attacks through arbitrary code execution.
Samsung and Dell have stated that models released after October 31, 2012 are not affected by this vulnerability. Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices.
Dell also indicated that they have released updated firmware for all affected models currently being sold to address this vulnerability. A copy of this updated firmware is available for download at: http://del.ly/PrinterSNMPFix
Block Port 1118/udp
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Dell Computer Corporation, Inc.||Affected||23 Aug 2012||07 Dec 2012|
|Samsung||Affected||23 Aug 2012||29 Nov 2012|
CVSS Metrics (Learn More)
Thanks to Neil Smith for reporting this vulnerability
This document was written by Katie Steiner
- CVE IDs: CVE-2012-4964
- Date Public: 26 Nov 2012
- Date First Published: 26 Nov 2012
- Date Last Updated: 07 Dec 2012
- Document Revision: 49
If you have feedback, comments, or additional information about this vulnerability, please send us email.