The report singles out Dell, HP Inc, Lexmark, Samsung and Brother printers as having “serious flaws” in security.
SC Magazine reported that a team of academic researchers found flaws that could allow hackers to “gain access and siphon out documents”. Internet-connected printers from the named OEMs were found to be vulnerable to hackers who could “steal passwords and gain control of the printers”, as well as access the printers’ memory. The research is to be presented at a security conference organised by Ruhr University in May.
The research, carried out at Ruhr-University in Bochum, Germany, described “six security flaws” that could give hackers control of printer languages such as PostScript and PJL. Even though these have been pointed out to the OEMs, the flaws have not been patched. The German team spent a year developing a “Python toolkit”, which they called the “Printer Exploitation Toolkit (PRET)”. It enables “pen testers [to] locate vulnerable devices” by finding a usable target, for instance an IP address of an unsecured printer.
The report also noted that these unpatched flaws could enable hackers to “search a printer’s memory for a company’s proprietary information”, such as patient records or contracts, and to obtain the printer’s network authorisations in order to access an entire network. The OEMs of the printers named in the report were contacted in October, but the report “claimed that only Dell responded”, and the company did not follow up on the report afterwards.