Fuji Xerox & Lexmark release a response to the hacking of the fax machines

September 5, 2018

 According to the report from Check Point Research - Faxploit: Sending Fax Back to the Dark Ages, Fuji Xerox has responded to this fax vulnerability: Fax Vulnerability Affecting HP Printers, below is their reply:

 

Description

Embedded fax may be vulnerable to remote code execution flaws.

 

What you need to know?

Check Point Research were able to gain access using a phone line to send a fax that could take full control over a Hewlett Packard all-in-one printer, and later spread a payload inside the computer network accessible to the printer.

 

What Is Xerox Doing About This?

Xerox completed assessment to Xerox products.

As a reminder, our Common Criteria Certified MFDs certify our design, which separates the fax processing and the network interface thereby preventing an interconnection between the Public Switch Telephone Network and the Internal Network.

 

Impact

Assessments indicate:

  • Xerox Devices built on Xerox ConnectKey Technology are not affected by the fax exploit

  • Production products are not affected as they do not have FAX capability

  • Light production products that do have a fax optional kit are not affected by the fax exploit

  • All Product platforms not mentioned here are not affected

 

And how about Lexmark? We found that Lexmark has already released the solution to user. The security disclosure article can be found here: Lexmark Security Advisory: Lexmark Buffer Overflow Vulnerability

 

Summary

Lexmark has identified a buffer overflow vulnerability in some models of multi-function devices handling of color fax jobs.

 

References

  • CVE-2018-15519

  • CVE-2018-15520

 

Details

  • CVE-2018-15519

This vulnerability allows an attacker with crafted fax data to attack a Lexmark multifunction device. The vulnerability allows a remote attacker to execute arbitrary code via crafted color fax data.

  • CVE-2018-15520

This vulnerability allows an attacker with crafted fax data to attack a Lexmark multifunction device. This vulnerability allows a remote attacker to crash the device, creating a denial of service condition, or possibly to have unspecified other impact via crafted color fax data.

 

Impact

  • CVE-2018-15519

Successful exploitation of this vulnerability can also lead to an attacker being able to remotely execute arbitrary code on a device.This condition may continue until the crafted fax data is wiped from the device.

 

  • CVE-2018-15520

Successful exploitation of this vulnerability can lead to an attacker being able to crash a device, resulting in a denial-of-service until the crafted fax data is wiped from the device.

 

Affected Products

Many Lexmark products support Fax, and are affected by this vulnerability when they receive and process color fax jobs.

 

To determine a devices firmware level, select the “Settings” > “Reports” > ”Menu Setting Page” menu item from the operator panel. If the firmware level listed under “Device Information” matches any level under “Affected Releases”, then you should upgrade to a “Fixed Release”.

 

CVE-2018-15519

 

CVE-2018-15520

 

Obtaining Updated Software

To obtain firmware that resolves this issue, or if you have special code, please contact Lexmark's Technical Support Center at http://support.lexmark.com/ to find your local support center.

 

Workarounds

Disabling the “Enable Color Fax Receive” feature on a device will block the ability to exploit this vulnerability.

Please reload

Recent Posts
Please reload

Search By Tags
Please reload

Pacific Logic Limited
Products
Enquiries
Follow Us
  • Pacific Logic Facebook
  • Pacific Logic Instagram
  • Pacific Logic YouTube
  • Pacific Logic Google+
  • Pacific Logic Twitter
Pacific Logic Logo Transparent.png

© 2016-19 Pacific Logic Limited. All rights reserved.