Fax vulnerability in HP all-in-one printers
First published August 22nd, 2018
Latest update August 29th, 2018
Ricoh Company Ltd.
A vulnerability was recently disclosed by Check Point Software Technologies Ltd. wherein the fax protocol was exploited on a Hewlett Packard all-in-one printer to take control of the device by sending a crafted fax via telephone line and then gain access to the connected network.
Because the vulnerability is part of the fax protocol itself, it's suspected that devices from other manufacturers may also be susceptible to this kind of attack.
Ricoh multifunction devices are not affected by this vulnerability because our fax implementation does not include the JPEG processing exploited in this case.
We continue to study security trends and take all appropriate action necessary to ensure the security of our devices.