News

Exploit makes it possible to invade networks via fax

By admin
Spread the love

Security researchers have found a vulnerability in the fax protocol that allows them to attack fax machines using just the fax number. They managed to break into a network and steal documents through an HP all-in-one.

The Check Point researchers have named their exploit Faxsploit. They demonstrated this by attacking an all-in-one printer-cum-fax machine, but the researchers say more machines are likely to be vulnerable, as they exploit a flaw in the fax protocol. HP has since released two updates for OfficeJet printers to close the vulnerability. Those updates show that these are buffer overflow vulnerabilities.

In a video, Check Point demonstrates that simply sending exploit code to a fax number over the telephone line is enough to infect the HP OfficeJet. A network can be penetrated further via that machine, if it is connected to, for example, a company network. The researchers use the EternalBlue exploit to access systems via fax and steal files.

To protect themselves from Faxploit, companies must stop using fax or at least put it in a separate segment of a network, with important systems in other segments shielded. Fax machines are still in widespread use in many countries, including Germany and Japan.

You might also like
News

EU Council determines position on security requirements for digital products

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Sony and Microsoft sign agreement to keep Call of Duty on PlayStation

News

Tesla has started production of Cybertruck, almost four years after its unveiling

News

Bambu Lab announces P1S 3D printer