Hacker: manipulated fax allows intrusion into corporate networks

Security experts have made a weak point at MFPs. Hackers could use the fax there to penetrate networks.

Hacker: manipulated fax allows intrusion into corporate networks

Security researchers from Israel and US have discovered a security vulnerability in MFPs that could exploit hackers for attacks. Using a manipulated fax, attacker could trigger a stack overflow and thus penetrate corporate networks, security company, Checkpoint Software, shared. The mistake was probably not only with market leader HP, but also in devices of or manufacturers.

During attack, a manipulated image file is sent to Faxeinheit of a Multifunktionsdruckers. The fax machine cannot process file properly and produces a memory overflow that allows hackers to acquire additional rights in networked device. This could serve as a starting point for furr attacks. For example, networks of banks could be attacked, said security researcher Eyal Itkin.

HP, manufacturer of affected multifunction printer, was pointed to vulnerability by checkpoint and released a software update. Experts fear that many owners of MFPs are not constantly providing ir equipment with latest updates.

The Faxtechniksei "absolutely uncertain," said Yaniv Balmas from checkpoint to portal Wired.com. It is an "ancient technology whose protocols have not changed in 30 years". However, fax machines are often in a network with or, protective devices.

Checkpoint stated that you actually have to stop using fax to ensure absolute security. If you still do not want to forgo fax, you must at least set up your own network only for fax machines and printers.

Date Of Update: 14 August 2018, 12:00