Summary
This host has Samsung Printer firmware and is prone to authentication bypass vulnerability.
Impact
Successful exploitation will allow attackers to access an affected device with administrative privileges, make changes to the device configuration and access to sensitive information.
Impact Level: System/Application
Solution
Upgrade Samsung Printer to 20121031 or later,
http://www.samsung.com/in/consumer/pc-peripherals-printer/laser-printer-multifunction/
Insight
Samsung printers (as well as some Dell printers manufactured by Samsung) contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility.
Affected
Samsung Printers firmware version prior to 20121031
NOTE: Samsung has stated that models released after October 31, 2012 are not affected by this vulnerability. Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices.
References
Severity
Classification
-
CVE CVE-2012-4964 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities