Vulnerabilities in fax machines could let hackers infiltrate a network

All-in-one devices should now be considered a possible infiltration vector into the corporate network, researchers warn

fax machine with send button pressed

Researchers have discovered several critical vulnerabilities in the fax functionalities of all-in-one printers that can allow an attacker to seize complete control of a machine.

Seeking to establish what an attacker could accomplish armed with just a phone line and a target fax number, Check Point Research found that by sending a maliciously-crafted fax it was possible to infiltrate an organisation's network.

Disclosing the vulnerabilities at DEFCON 26, hosted in Las Vegas, yesterday, they showcased how an attacker could then maximise this opportunity via EternalBlue, a leaked NSA-developed hacking tool, to exploit any PC connected to the same network.

The infiltrated computers can be used to send data back to the attacker by sending another fax.

"Using nothing but a phone line, we were able to send a fax that could take full control over the printer, and later spread our payload inside the computer network accessible to the printer," said Check Point Research's Eyal Itkin and Yaniv Balmas.

"We believe that this security risk should be given special attention by the community, changing the way that modern network architectures treat network printers and fax machines.

"From now on, a fax machine should be treated as a possible infiltration vector into the corporate network."

The team of researchers tested their exploit on HP Officejet Pro 6830 all-in-one printers, but said they "strongly believe that similar vulnerabilities apply to other fax vendors too as this research concerns the fax communication protocols in general".

Despite being considered a technological relic in the age of instant messaging, text and video calls, fax machines are still widely-used in businesses and organisations across the world.

For instance, Check Point Research estimated there are more than 300 million fax numbers in use, while they say financial reports from Wall Street reveal tens of millions of all-in-one printers are sold worldwide each year.

Meanwhile, a poll conducted by the Royal College of Surgeons (RCS) last month revealed that almost 9,000 fax machines are in use across the NHS - highlighting the widespread use of fax technology in the UK public sector, and the accompanying security risks.

Check Point Research said it worked closely with HP to fix the vulnerability after alerting them to the issues in May, culminating in a patch that was released on 1 August. But the research team said the vulnerability is not exclusive to all-in-one printers and that similar flaws may be found in fax-to-mail services and standalone fax machines.

Although they haven't spotted this exploit being executed in a real-world context, the researchers nonetheless recommended that HP Officejet all-in-one users follow the vendor's instructions on patching their printers.

Featured Resources

Unleashing the power of AI initiatives with the right infrastructure

What key infrastructure requirements are needed to implement AI effectively?

Download now

Achieve today. Plan tomorrow. Making the hybrid multi-cloud journey

A Veritas webinar on implementing a hybrid multi-cloud strategy

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

The workers' experience report

How technology can spark motivation, enhance productivity and strengthen security

Download now

Recommended

TikTok vulnerability exposed private user data
data protection

TikTok vulnerability exposed private user data

26 Jan 2021
SonicWall hacked via zero-day flaw in remote access tools
Security

SonicWall hacked via zero-day flaw in remote access tools

25 Jan 2021
Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
Best ransomware removal tools
ransomware

Best ransomware removal tools

22 Jan 2021

Most Popular

How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
WhatsApp could face €50 million GDPR fine
General Data Protection Regulation (GDPR)

WhatsApp could face €50 million GDPR fine

25 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021