Three vulnerabilities in several models of Konica Minolta multi-function printers, discovered just before the outbreak of the pandemic, left many devices open to attack by anyone with physical access to them.

The vulnerabilities, discovered by researchers at SEC Consult Vulnerability Lab, could be exploited by a threat actor with physical access to a printer’s touchscreen terminal. According to Konica Minolta, the maker of the investigated devices, hundreds of thousands of machines were affected.

An attacker could have gained full read and write access, as root, to the printer’s operating system and the data stored on it. That level of access would have allowed them to manipulate and compromise both the printer and its users.

The researchers carried out the analysis in late 2019, examining two Konica Minolta multi-function printers (MFPs), a C3300i and a C3350i. The investigation turned up three separate vulnerabilities.

The first (CVE-2022-29586) gave an attacker full access to the printer’s underlying operating system and file system. If exploited, it exposed configuration files, passwords stored in clear text, proprietary scripts, and other data.

The second (CVE-2022-29588) exposed a folder named ADMINPASS that contained the administrator password for the printer’s terminal and web interface in plain text.

The third (CVE-2022-29587), like the second, allowed access to files containing administrator passwords.
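One check a practitioner would want after reading the three findings above, as an added example that is not SEC Consult’s or Konica Minolta’s code: an offline audit of an extracted printer filesystem (a firmware dump, or a copy taken during an authorized assessment) that flags credential-named directories and files and cleartext password assignments, and skips binaries. The directory layout, the file names other than ADMINPASS, the sample contents and the name heuristics are assumptions constructed for the demonstration.

```python
"""Audit an extracted MFP filesystem for cleartext credentials.

Added example; not the vendor's or the researchers' code. Assumes you have
an on-disk copy of the device filesystem obtained with authorization.
"""
import os
import re
import tempfile

# Heuristic (assumption): names that commonly hold credentials, ADMINPASS included.
SUSPICIOUS_NAMES = re.compile(r"(adminpass|passwd|password|secret|credential)", re.I)
# Heuristic (assumption): key/value lines such as "admin_password = ..." or "pwd: ...".
PASSWORD_LINE = re.compile(
    r"^\s*([A-Za-z0-9_.-]*(?:pass|pwd|secret)[A-Za-z0-9_.-]*)\s*[=:]\s*(\S+)", re.I
)
MAX_FILE_BYTES = 1 << 20  # do not read large files into memory


def looks_binary(data: bytes) -> bool:
    """Treat anything with a NUL byte in its first KiB as binary and skip it."""
    return b"\x00" in data[:1024]


def scan_tree(root: str) -> list:
    """Walk `root` and return findings sorted by path, kind and line number."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames:
            if SUSPICIOUS_NAMES.search(name):
                rel = os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
                findings.append({"kind": "suspicious_dir", "path": rel, "line": 0})
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if SUSPICIOUS_NAMES.search(name):
                findings.append({"kind": "suspicious_file", "path": rel, "line": 0})
            try:
                if os.path.getsize(path) > MAX_FILE_BYTES:
                    continue
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue  # unreadable entry (device node, broken link): skip
            if looks_binary(data):
                continue
            for lineno, line in enumerate(data.decode("utf-8", "replace").splitlines(), 1):
                m = PASSWORD_LINE.match(line)
                if m:
                    # Record the key and a masked value so the report itself is not a leak.
                    findings.append({
                        "kind": "cleartext_password", "path": rel, "line": lineno,
                        "key": m.group(1), "value": m.group(2)[:2] + "***",
                    })
    return sorted(findings, key=lambda f: (f["path"], f["kind"], f["line"]))


def build_mock_tree() -> str:
    """Constructed sample tree (not a real firmware image) mimicking the reported layout."""
    root = tempfile.mkdtemp(prefix="mfp-fs-")
    text_files = {
        "etc/ADMINPASS/password": "Secret123\n",                       # credential-named dir + file
        "etc/webui.conf": "admin_password = Secret123\nlisten_port = 443\n",  # cleartext assignment
        "var/log/boot.log": "kernel: booted\n",                         # benign, should not be flagged
    }
    for rel, text in text_files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)
    bin_path = os.path.join(root, "usr/bin/httpd")                     # binary, must be skipped
    os.makedirs(os.path.dirname(bin_path), exist_ok=True)
    with open(bin_path, "wb") as fh:
        fh.write(b"\x7fELF\x00\x00password=embedded\x00")
    return root


if __name__ == "__main__":
    for finding in scan_tree(build_mock_tree()):
        print(finding)
```

Point `scan_tree` at the extracted root of a real device image instead of the mock tree; the name and key/value heuristics are deliberately broad, so treat the output as a triage list rather than a verdict.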

According to the researchers, Konica Minolta began fixing the vulnerabilities at the beginning of 2020. The start of the pandemic slowed the rollout, however, because the firmware had to be updated manually.

Experts point out that printer security is an often overlooked aspect of office life. Modern printers have hard drives comparable in capacity to a laptop from two or three years ago, and a compromised printer can serve as a foothold for lateral movement across the targeted network.
