{"id":271727,"date":"2018-08-13T09:30:49","date_gmt":"2018-08-13T07:30:49","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=271727"},"modified":"2018-08-13T09:32:07","modified_gmt":"2018-08-13T07:32:07","slug":"fax-machines-are-a-massive-security-problem","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/271727-fax-machines-are-a-massive-security-problem.html","title":{"rendered":"Fax machines are a massive security problem"},"content":{"rendered":"

Researchers at Check Point have disclosed a security vulnerability in HP OfficeJet multi-function printers, Wired reported<\/a><\/strong>.<\/p>\n

The security flaw allows an attacker to compromise affected printers with a specially-crafted fax and potentially gain access to a target network.<\/p>\n

Fax is still widely used in several industries and is considered a secure method to transmit sensitive documents.<\/p>\n

Check Point warned that nothing could be further from the truth, however. Fax offers no encryption and no verification. Anyone who has tapped a phone line will potentially be able to snoop on faxes sent on it.<\/p>\n

There is also no way to prevent anyone from sending a malicious fax to a particular machine if it is connected to the phone network.<\/p>\n

This inspired the researchers to search for potential security problems in modern fax machines, especially those embedded in printers – which are also connected to computer networks.<\/p>\n

The researchers discovered an issue in HP OfficeJet printers which allows an attacker to trigger a stack overflow by sending the machine a malicious fax.<\/p>\n

A proof-of-concept exploit shows the researchers using the exploit to take over an HP OfficeJet printer and gain a foothold in a target network. They then use a second exploit, EternalBlue, to hack a computer on the same network.<\/p>\n

HP has released security patches to protect printers affected by the flaw.<\/p>\n