Exploit makes it possible to invade networks via fax
Security researchers have found a vulnerability in the fax protocol that allows them to attack fax machines using just the fax number. They managed to break into a network and steal documents through an HP all-in-one.
The Check Point researchers have named their exploit Faxploit. They demonstrated it by attacking an all-in-one printer-cum-fax machine, but the researchers say more machines are likely to be vulnerable, because the attack exploits a flaw in the fax protocol. HP has since released two updates for OfficeJet printers to close the vulnerability. Those updates show that these are buffer overflow vulnerabilities.
In a video, Check Point demonstrates that simply sending exploit code to a fax number over the telephone line is enough to infect the HP OfficeJet. If the machine is connected to a network, for example a company network, that network can then be penetrated further via the machine. The researchers use the EternalBlue exploit to access systems via fax and steal files.
To protect themselves from Faxploit, companies must stop using fax or at least put it in a separate segment of a network, with important systems in other segments shielded. Fax machines are still in widespread use in many countries, including Germany and Japan.