• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • About
  • Structure
  • Gradebook

ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Hackers can compromise your network just by sending a Fax

September 26, 2018 by Satwika Balakrishnan Leave a Comment

Two critical remote code execution (RCE) vulnerabilities have been identified in the communication protocols used by tens of millions of fax machines globally. Fax is still popular among several business organizations and bankers and there are more than 300 million fax numbers and 45 million fax machines in use globally. Most of the fax machines these days are connected with printers, a WiFi network and PSTN phone line, the attacker can seize control of the whole network by just send a specially-crafted image via fax. The attacker just needs the fax number in this case, which is publicly available information. The attackers could code the image file they plan to send with malware including ransomwares, cryptocurrency miners, or surveillance tools based on their motives.

The attack involves buffer overflow vulnerabilities which leads to remote code execution. The attack was demonstrated by Check Point Malware Research Team on HP Officejet Pro All-in-One fax printers, the HP Officejet Pro 6830 all-in-one printer and OfficeJet Pro 8720. HP quickly fixed the flaws in its all-in-one printers as soon as they got to know about the findings. However, the researchers believe that the same vulnerabilities could impact most of the fax-based all-in-one printers sold by other manufacturers as well.

https://thehackernews.com/2018/08/hack-printer-fax-machine.html

Filed Under: Week 04: Vulnerability Scanning Tagged With:

Reader Interactions

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Uncategorized (14)
  • Week 01: Overview (7)
  • Week 02: TCP/IP and Network Architecture (18)
  • Week 03: Reconnaisance (17)
  • Week 04: Vulnerability Scanning (19)
  • Week 05: System and User Enumeration (17)
  • Week 06: Sniffers (17)
  • Week 07: NetCat and HellCat (15)
  • Week 08: Social Engineering, Encoding and Encryption (21)
  • Week 09: Malware (14)
  • Week 10: Web Application Hacking (17)
  • Week 11: SQL Injection (15)
  • Week 12: Web Services (25)
  • Week 13: Evasion Techniques (8)
  • Week 14: Review of all topics (15)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in