Some of the most popular printers currently in use could put users at risk due to serious security concerns.
Researchers from the NCC group have discovered significant vulnerabilities in six commonly used business printers that could expose companies to potential attacks and data breaches.
The vulnerabilities were discovered after the team tested various aspects of six mid-range business printers, including web applications and services, firmware and update features, and scans. of material.
The team tested HP, Ricoh, Xerox, Lexmark, Kyocera and Brother printers with basic tools to detect a wide range of vulnerabilities, some of which appear almost instantly.
Internet connected printers
If attackers exploited the vulnerabilities, the potential impact could be a denial-of-service attack that could lead to printers being locked, with back doors allowing attackers to maintain a hidden presence on a corporate network. or even the ability to spy on every print job. sent and sent print jobs to unauthorized third parties.
Fortunately, all the vulnerabilities discovered by the NCC group have been fixed or will be fixed in the near future. However, the company advises all system administrators to update all vulnerable printers with the latest firmware and to monitor subsequent updates.
NCC Group Research Director Matt Lewis provided additional information on the researchers' findings, stating:
"Since printers have been around for so long, they are not considered enterprise IoT devices, but they are embedded in corporate networks and therefore pose a significant risk. Integrating security into the development lifecycle would mitigate the most, if not all, of the vulnerabilities. "
"It is very important that manufacturers continue to invest in the security of all devices, as well as corporate IT teams must protect against vulnerabilities related to IoT, even with minor changes: default settings, application of secure configuration guides and regular updates. firmware ".