NCC Group uncovers over 35 vulnerabilities in six leading enterprise printers


Many of the issues allowed full compromise of machines and access to corporate networks

Researchers at NCC Group have uncovered significant vulnerabilities in six commonly used enterprise printers, highlighting the vast attack surface that can be presented by internet-connected printers.

During the research process, the team at the global cyber security and risk mitigation expert tested multiple aspects of six mid-range enterprise printers, including web application and web services and firmware and update capability, as well as carrying out hardware analysis.

Testing of the printers, manufactured by HP, Ricoh, Xerox, Lexmark, Kyocera and Brother, uncovered a wide range of vulnerability types using basic tools, some of which date back thirty or forty years. Some vulnerabilities were also uncovered within minutes of starting the research.

These findings, which will be presented by NCC Group’s researchers at DEF CON, Hack in the Box and 44Con, varied in severity. The potential impact of exploiting them ranged from denial of service attacks that could lead to the crash of printers, the addition of backdoors within compromised printers to maintain attacker persistence on a network, through to snooping on every print job sent to vulnerable printers and the ability to forward them to an external internet-based attacker.

All of the vulnerabilities discovered during this research have either now been patched or are in the process of being patched by the relevant manufacturers. It is recommended that system administrators now update any affected printers to the latest firmware available, and monitor for any further updates.

Matt Lewis, research director at NCC Group, said: “Because printers have been around for decades, they’re not typically regarded as enterprise IoT, yet they are embedded devices that connect to sensitive corporate networks, and therefore demonstrate the potential risks and security vulnerability posed by enterprise IoT.”

“Building security into the development lifecycle would mitigate most, if not all, of these vulnerabilities – it’s therefore important that manufacturers continue to invest in and improve cyber security, including secure development training and carrying out thorough security assessments of all devices.

“Corporate IT teams can also make small changes to safeguard their organisation from IoT-related vulnerabilities, such as changing default settings, developing and enforcing secure printer configuration guides and regularly updating firmware.”