What is the most a remote attacker can do with nothing but your fax machine number?
Believe it or not, your fax number is literally enough for a hacker to gain complete control over the printer and possibly infiltrate the rest of the network connected to it.
Researchers have disclosed details of two critical remote code execution (RCE) vulnerabilities they found in the communication protocols used in tens of millions of fax machines globally.
You might be wondering who uses fax these days!
Well, fax isn't a thing of the past. With over 300 million fax numbers and 45 million fax machines in use globally, fax remains popular among many business organizations, regulators, lawyers, bankers, and real estate firms.
Since most fax machines are nowadays integrated into all-in-one printers, connected to a WLAN network and a PSTN phone line, a remote attacker can simply send a specially crafted image file via fax to exploit the reported vulnerabilities and seize control of an enterprise or home network.
All the attacker needs to exploit these vulnerabilities is a fax number, which can easily be found by browsing a company website or requesting it directly.
Dubbed Faxploit, the attack involves two buffer overflow vulnerabilities that result in remote code execution: one is triggered while parsing COM markers (CVE-2018-5925), and the other, a stack-based issue, occurs while parsing DHT markers (CVE-2018-5924).
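The length checks a JPEG decoder needs before it trusts COM and DHT segments, shown as an added example that is not from the original article or from any vendor's firmware. It follows the standard JPEG segment layout; the function names, error codes and sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { JPEG_OK, JPEG_BAD_SOI, JPEG_TRUNCATED, JPEG_BAD_LENGTH, JPEG_BAD_DHT };

/* DHT payload: per table, 1 class/id byte, 16 code-length counts, then
 * exactly sum(counts) symbol bytes. One table holds at most 256 symbols. */
static int check_dht(const uint8_t *p, size_t len) {
    while (len > 0) {                      /* a segment may carry several tables */
        if (len < 17) return JPEG_BAD_DHT;
        size_t total = 0;
        for (int i = 1; i <= 16; i++) total += p[i];
        if (total > 256 || total > len - 17) return JPEG_BAD_DHT;
        p += 17 + total;
        len -= 17 + total;
    }
    return JPEG_OK;
}

/* Walk the segments from SOI to SOS; reject any segment (COM included) whose
 * declared length disagrees with the bytes actually in the buffer. */
int jpeg_validate(const uint8_t *buf, size_t n) {
    if (n < 2 || buf[0] != 0xFF || buf[1] != 0xD8) return JPEG_BAD_SOI;
    size_t pos = 2;
    while (pos + 4 <= n) {
        if (buf[pos] != 0xFF) return JPEG_BAD_LENGTH;
        uint8_t marker = buf[pos + 1];
        if (marker == 0xFF) { pos++; continue; }      /* fill byte before marker */
        size_t seglen = ((size_t)buf[pos + 2] << 8) | buf[pos + 3];
        if (seglen < 2) return JPEG_BAD_LENGTH;       /* length counts itself */
        if (seglen > n - pos - 2) return JPEG_TRUNCATED;
        if (marker == 0xC4) {                         /* DHT */
            int rc = check_dht(buf + pos + 4, seglen - 2);
            if (rc != JPEG_OK) return rc;
        }
        if (marker == 0xDA) return JPEG_OK;           /* SOS: scan data follows */
        pos += 2 + seglen;
    }
    return JPEG_TRUNCATED;
}

int main(void) {
    /* Constructed sample: SOI, then a COM segment declaring 0xFFFF bytes. */
    const uint8_t bad_com[] = {0xFF, 0xD8, 0xFF, 0xFE, 0xFF, 0xFF, 'A', 'A'};
    printf("bad_com -> %d\n", jpeg_validate(bad_com, sizeof bad_com));
    return 0;
}
```

A decoder that copies a COM or DHT payload into a fixed-size buffer must additionally compare the validated length against that buffer's capacity before copying.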
We sent an image file loaded with a malicious payload through the phone line, and as soon as the fax machine receives it, the image is decoded and uploaded into the fax-printer's memory.
In their case, we used the NSA-developed EternalBlue and DoublePulsar exploits, which were leaked by the Shadow Brokers group and were behind the WannaCry ransomware global outcry last year, to take over the connected machine and further spread the malicious code through the network.
Attackers can code the image file with malware including ransomware, cryptocurrency miners, or surveillance tools, depending upon their targets of interest and motives.
We disclosed their findings to Hewlett Packard, which quickly fixed the flaws in its all-in-one printers and deployed firmware patches in response. A patch is available on HP’s support page.
However, the researchers believe the same vulnerabilities could also impact most fax-based all-in-one printers sold by other manufacturers and other fax implementations, such as fax-to-mail services, standalone fax machines, and more.