{"id":1886,"date":"2018-08-14T10:47:54","date_gmt":"2018-08-14T14:47:54","guid":{"rendered":"https:\/\/test.infinityns.ca\/?p=1886"},"modified":"2018-08-14T11:09:32","modified_gmt":"2018-08-14T15:09:32","slug":"vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines","status":"publish","type":"post","link":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/","title":{"rendered":"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines"},"content":{"rendered":"<div class=\"cz-news-story-title-section\">\n<div class=\"cz-news-title-left-area\">By\u00a0<a class=\"author\" style=\"font-size: 14.4px;\" href=\"https:\/\/www.bleepingcomputer.com\/author\/catalin-cimpanu\/\" rel=\"author\">Catalin Cimpanu<\/a><\/div>\n<p><span style=\"font-size: 14.4px;\">August 13, 2018<\/span><\/p>\n<\/div>\n<div class=\"articleBody\">\n<p><img loading=\"lazy\" src=\"https:\/\/www.bleepstatic.com\/content\/posts\/2018\/08\/13\/Faxploit.jpg\" alt=\"Fax machine\" width=\"1250\" height=\"455\" \/><\/p>\n<p>Two recently discovered vulnerabilities in the fax protocol can transform fax machines into entry points for hackers into corporate networks, two Check Point researchers revealed last week in a talk given at the DEF CON 26 security conference held in Las Vegas.<\/p>\n<p>Named &#8220;Faxploit,&#8221; this attack targets the ITU T.30 fax protocol, according to a copy of the\u00a0<a href=\"https:\/\/media.defcon.org\/DEF%20CON%2026\/DEF%20CON%2026%20presentations\/DEFCON-26-Yaniv-Balmas-What-The-FAX.pdf\" target=\"_blank\" rel=\"nofollow noopener\">DEF CON presentation<\/a>given by Eyal Itkin and Yaniv Balmas last week.<\/p>\n<p>More specifically, Faxploit leverages two buffer overflows in the fax protocol components that handle DHT and COM markers \u2014CVE-2018-5924 and CVE-2018-5925, respectively.<\/p>\n<div id=\"FIOnDemandWrapper_fiInstance_101902_0_2222114\" class=\"FIOnDemandWrapper\">\n<div class=\"apd_static_banner \"><\/div>\n<\/div>\n<h2>Fax machines used as entry points into corporate networks<\/h2>\n<p>Itkin and Balmas say that an attacker can send malformed fax images to a fax machine containing code that exploits these two vulnerabilities and then gain remote code execution rights over the targeted device, allowing the hacker to run his own code and take over the machine.<\/p>\n<p>From here, they say that an attacker can download and deploy other hacking tools that scan the local network and compromise nearby devices.<\/p>\n<p>The two researchers have recorded a demo of a Faxploit attack that compromises a fax machine and then uses this machine to download and deploy the EternalBlue exploit that infects nearby computers exposed via the SMB protocol.<\/p>\n<h2>Faxploit carried out via phone lines, not Internet connection<\/h2>\n<p>Itkin and Balmas say the Faxploit attack is dead simple, as a hacker only needs the victim&#8217;s fax number to target an organization.<\/p>\n<div id=\"FIOnDemandWrapper_fiInstance_101900_3_2222114\" class=\"FIOnDemandWrapper\">\n<div class=\"apd_static_banner \"><span style=\"color: #555555; font-size: 14.4px;\">Since most organizations print fax numbers on their websites, and Google has indexed over 300 million fax numbers, hackers can use Faxploit to target any organization around the world they want.<\/span><\/div>\n<\/div>\n<p><img loading=\"lazy\" src=\"https:\/\/www.bleepstatic.com\/images\/news\/u\/986406\/attacks\/Vulnerabilities\/faxploit-attack.png\" alt=\"Faxploit attack\" width=\"700\" height=\"306\" \/><\/p>\n<p>Furthermore, no direct Internet connection is needed to the actual fax machine as the attack code comes in via the phone line. This also makes preventing Faxploit almost impossible, as no security software scans incoming faxes.<\/p>\n<p>The only way to prevent Faxploit attacks is to apply patches to individual fax machines and all-in-one office printers, which also come with an embedded fax machine.<\/p>\n<h2>HP released patches, other fax vendors vulnerable too<\/h2>\n<p>At the time of writing, only HP has addressed Faxploit. The company released\u00a0<a href=\"https:\/\/support.hp.com\/us-en\/document\/c06097712\" target=\"_blank\" rel=\"nofollow noopener\">patches<\/a>\u00a0last week for HP Officejet all-in-one printers, the fax machine that the Check Point researchers used for recording their demo video.<\/p>\n<p>&#8220;We strongly believe that similar vulnerabilities apply to other fax vendors too as this research concerns the fax communication protocols in general,&#8221; Check Point said today.<\/p>\n<p>But while other vendors test their devices and release patches in the coming months, there is also a way to limit the impact of Faxploit attacks, if they ever happen.<\/p>\n<p>Itkin and Balmas say the simplest defense to neutralize Faxploit attacks is network segmentation. By breaking large corporate networks into smaller ones or by isolating fax machines on their own subnetworks, companies can limit the type of data an attacker can gain access to via this attack.<\/p>\n<\/div>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/vulnerabilities-in-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/vulnerabilities-in-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/<\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By\u00a0Catalin Cimpanu August 13, 2018 Two recently discovered vulnerabilities in the fax protocol can transform fax machines into entry points for hackers into corporate networks, two Check Point researchers revealed last week in a talk given at the DEF CON 26 security conference held in Las Vegas. Named &#8220;Faxploit,&#8221; this attack targets the ITU T.30 [&#8230;]\n","protected":false},"author":5,"featured_media":1894,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[92,72,75,91],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v18.5.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines<\/title>\n<meta name=\"description\" content=\"fax machines, printers, hackers, networks, phone lines, patches, Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines\" \/>\n<meta property=\"og:description\" content=\"fax machines, printers, hackers, networks, phone lines, patches, Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines\" \/>\n<meta property=\"og:url\" content=\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/\" \/>\n<meta property=\"og:site_name\" content=\"Infinity Network Solutions\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-14T14:47:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-08-14T15:09:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/test.infinityns.ca\/wp-content\/uploads\/2018\/08\/Bleeping-Computer-Facebook.png\" \/>\n\t<meta property=\"og:image:width\" content=\"557\" \/>\n\t<meta property=\"og:image:height\" content=\"167\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jayne\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/test.infinityns.ca\/#website\",\"url\":\"https:\/\/test.infinityns.ca\/\",\"name\":\"Infinity Network Solutions\",\"description\":\"We&#039;re experts at being experts.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/test.infinityns.ca\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-CA\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#primaryimage\",\"inLanguage\":\"en-CA\",\"url\":\"https:\/\/test.infinityns.ca\/wp-content\/uploads\/2018\/08\/Bleeping-Computer-Facebook.png\",\"contentUrl\":\"https:\/\/test.infinityns.ca\/wp-content\/uploads\/2018\/08\/Bleeping-Computer-Facebook.png\",\"width\":557,\"height\":167},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#webpage\",\"url\":\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/\",\"name\":\"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines\",\"isPartOf\":{\"@id\":\"https:\/\/test.infinityns.ca\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#primaryimage\"},\"datePublished\":\"2018-08-14T14:47:54+00:00\",\"dateModified\":\"2018-08-14T15:09:32+00:00\",\"author\":{\"@id\":\"https:\/\/test.infinityns.ca\/#\/schema\/person\/ab6a7e098cdd3ccd793e3b9850893ff3\"},\"description\":\"fax machines, printers, hackers, networks, phone lines, patches, Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines\",\"breadcrumb\":{\"@id\":\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#breadcrumb\"},\"inLanguage\":\"en-CA\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/test.infinityns.ca\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/test.infinityns.ca\/#\/schema\/person\/ab6a7e098cdd3ccd793e3b9850893ff3\",\"name\":\"Jayne\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/test.infinityns.ca\/#personlogo\",\"inLanguage\":\"en-CA\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/1b4c72cab00c46e019c5cefd3591850b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/1b4c72cab00c46e019c5cefd3591850b?s=96&d=mm&r=g\",\"caption\":\"Jayne\"},\"url\":\"https:\/\/test.infinityns.ca\/author\/jayne_ins\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines","description":"fax machines, printers, hackers, networks, phone lines, patches, Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines","og_description":"fax machines, printers, hackers, networks, phone lines, patches, Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines","og_url":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/","og_site_name":"Infinity Network Solutions","article_published_time":"2018-08-14T14:47:54+00:00","article_modified_time":"2018-08-14T15:09:32+00:00","og_image":[{"width":557,"height":167,"url":"https:\/\/test.infinityns.ca\/wp-content\/uploads\/2018\/08\/Bleeping-Computer-Facebook.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jayne","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/test.infinityns.ca\/#website","url":"https:\/\/test.infinityns.ca\/","name":"Infinity Network Solutions","description":"We&#039;re experts at being experts.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/test.infinityns.ca\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-CA"},{"@type":"ImageObject","@id":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#primaryimage","inLanguage":"en-CA","url":"https:\/\/test.infinityns.ca\/wp-content\/uploads\/2018\/08\/Bleeping-Computer-Facebook.png","contentUrl":"https:\/\/test.infinityns.ca\/wp-content\/uploads\/2018\/08\/Bleeping-Computer-Facebook.png","width":557,"height":167},{"@type":"WebPage","@id":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#webpage","url":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/","name":"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines","isPartOf":{"@id":"https:\/\/test.infinityns.ca\/#website"},"primaryImageOfPage":{"@id":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#primaryimage"},"datePublished":"2018-08-14T14:47:54+00:00","dateModified":"2018-08-14T15:09:32+00:00","author":{"@id":"https:\/\/test.infinityns.ca\/#\/schema\/person\/ab6a7e098cdd3ccd793e3b9850893ff3"},"description":"fax machines, printers, hackers, networks, phone lines, patches, Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines","breadcrumb":{"@id":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#breadcrumb"},"inLanguage":"en-CA","potentialAction":[{"@type":"ReadAction","target":["https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/test.infinityns.ca\/vulnerabilities-fax-protocol-let-hackers-infiltrate-networks-via-fax-machines\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/test.infinityns.ca\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines"}]},{"@type":"Person","@id":"https:\/\/test.infinityns.ca\/#\/schema\/person\/ab6a7e098cdd3ccd793e3b9850893ff3","name":"Jayne","image":{"@type":"ImageObject","@id":"https:\/\/test.infinityns.ca\/#personlogo","inLanguage":"en-CA","url":"https:\/\/secure.gravatar.com\/avatar\/1b4c72cab00c46e019c5cefd3591850b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1b4c72cab00c46e019c5cefd3591850b?s=96&d=mm&r=g","caption":"Jayne"},"url":"https:\/\/test.infinityns.ca\/author\/jayne_ins\/"}]}},"_links":{"self":[{"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/posts\/1886"}],"collection":[{"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/comments?post=1886"}],"version-history":[{"count":2,"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/posts\/1886\/revisions"}],"predecessor-version":[{"id":1890,"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/posts\/1886\/revisions\/1890"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/media\/1894"}],"wp:attachment":[{"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/media?parent=1886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/categories?post=1886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/test.infinityns.ca\/wp-json\/wp\/v2\/tags?post=1886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}