Linked by Howard Fosdick on Sat 31st Dec 2011 07:57 UTC
Bugs & Viruses Columbia University researchers claim millions of HP printers could be open to remote attack via unsecured Remote Firmware Updates. Cybercriminals could steal personal information or attack otherwise secure networks. HP agrees there is a theoretical security problem but says no customer has ever reported unauthorized printer access. The company denies some of the claims and is still investigating others.
Thread beginning with comment 501765
To read all comments associated with this story, please click here.
Not just printers
by Alfman on Sat 31st Dec 2011 09:24 UTC
Alfman
Member since:
2011-01-28

I've seen this of consumer NAS devices too, where the firmware can be flashed over the network without any password at all.

Ideally, all firmware changes would require the administrator password. And a device reset would require a physical button.

Reply Score: 6