Old Printer Vulnerabilities Die Hard

New research on an old problem reveals despite efforts, the InfoSec professionals still have a way to go when it comes to securing printers.

Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers.

Just this past summer researchers at Check Point found a vulnerability that allowed an attacker to compromise a multi-function printer with fax capabilities simply by sending a fax. In July, Positive Technology shared a proof-of-concept attack that shows how attackers can compromise a corporate network via installing a customized Xerox printer firmware on a targeted printer. In August, HP Inc. patched hundreds of inkjet models vulnerable to two vulnerable remote code execution flaws (CVE-2018-5924, CVE-2018-5925).

Read more…
Source: ThreatPost