Tag Archive for: photocopiers

Exploit code to hack Lexmark printers and photocopiers published, uses zero day vulnerabilities


Lexmark International, Inc. is a privately owned American corporation that specializes in the production of laser printers and other imaging products.

The researcher found that the product is susceptible to two vulnerabilities, either of which can be exploited by an adversary to copy file data from a source path to a destination path or to induce the server-side application to make requests to an unintended location. According to the specialists, the printer has two further vulnerabilities that enable an authorized hacker to upload arbitrary files and run code with elevated privileges.

He published code on GitHub containing a proof-of-concept (PoC) exploit for each of the four vulnerabilities. These vulnerabilities make it possible for an adversary to seize control of a vulnerable device.

According to the researcher's findings, an attack that compromises the device can be carried out by exploiting all four vulnerabilities simultaneously.

The proof-of-concept attack has been successfully tested against a Lexmark MC3224adwe printer running the most recent version of the firmware, CXLBL.081.225; however, it is claimed to work against other printers and photocopiers as well.

The security flaw that was discovered in Lexmark’s printer devices has not been fixed.


Confused photocopiers randomly rewriting scanned documents

Photocopiers exist to produce close enough replicas of original documents. Traditionally, they just spit out the result onto paper. Most copiers these days can operate as (generally rather large) scanners, generating PDFs, TIFFs, or other electronic representations. But some Xerox copiers have recently been found to produce scans that, well, aren’t that close to the originals at all. The copiers are producing documents that look superficially similar to the originals but switch around numbers apparently at random.

German computer scientist David Kriesel wrote about the problem last week. He scanned some construction plans with a Xerox WorkCentre 7535 and noticed that the photocopier was resizing the rooms in his floorplans. One room annotated as being 21.11 square meters (roughly 277 square feet) got shrunk to 14.13 square meters (152 sq. ft.). So too did a room that should have been 17.42 square meters (187.5 sq. ft.). In both cases, the photocopier was taking the numbers from a third room—one that really should be 14.13 square meters—and using them for the other two rooms.

Further investigation revealed that this was not an isolated incident. A table of prices also came out wrong: a price of €65.40 ($86.71) became €85.40 ($113.22).



Ars Technica » Technology Lab