PITTSBURGH, Nov. 26 (UPI) -- Some printers made by South Korea's Samsung contain a hard-coded account that could let an attacker take control of the device remotely, security experts say.
The U.S. Computer Emergency Response Team reported a vulnerability in Samsung printers sold before Oct. 31 that have firmware that could allow hackers to access the printer and also capture data traffic if the printer is attached to a network, ZDNet reported Monday.
A Simple Network Management Protocol account in the firmware continues to permit access to the device even if management functions are disabled in the printer's software utility, experts said.
The protocol is meant to allow administrators to manage connected devices, including printers.
Once compromised, an attacker could use the printer to execute further attacks, experts said, such as executing arbitrary malicious code.
Samsung is working on a patch to fix the vulnerable devices and is expected to release it before the end of the year, ZDNet said.
