3

I have the potential for a printer to be connected through USB and through a network cable at the same time. The USB would be connected directly to a computer which is part of a private network.

According to this: Attacking an office printer? Printers can definitely be used as an attack vector.

If the networks that the printer are completely isolated and can attacks be performed through a USB should the printer become compromised from the network connection? Is there a difference if the printer doesn't have a scanner (as the driver might have different permissions)?

Community
  • 1
DarkSheep
  • 333
  • 2
  • 13

2 Answers2

4

There was a vulnerability in HP printers that allowed firmware updates over the network, so we know it is possible.

A new firmware could allow at least in principle for the USB interface to be "repurposed". An obvious attack vector is for the printer to masquerade as a keyboard and start pressing keys to issue dangerous commands. The Rubber Ducky is a related USB product that has a framework behind it focused on attacks.

Stuxnet used vulnerabilities in Windows to start the malware on USB drives. This IBM X-Force research details the vulnerabilities.

A different and more dangerous masquerading is of a device that tells the computer to load a driver that has known vulnerabilities. The device can then exploit the vulnerabilities and even get code executed in the kernel. Here is a NIST warning about this and here is a NCC Group Study. There are countless legacy device drivers that can be vulnerable. A well known OS hardening technique is to eliminate unused drivers.

The printer can also attack the USB controller on the computer providing lower level access. The badBIOS incidents hint at that possibility.

The above attacks are directly against the computer the printer connects to, but the printer can compromise the confidentiality of the data that is printed or the credentials that are used to access the printer so the attacker can reuse them somewhere else.

Cristian Dobre
  • 9,797
  • 1
  • 30
  • 50
2

An advanced printer could certainly theoretically be used as a platform for trying to launch an attack over USB, but I'm not sure if there are any proof of concept attacks out there. Many printers basically run their own embedded OS though, so a compromise of the printer should allow for pretty much any connection it has to be able to be used by the attacker.

AJ Henderson
  • 41,816
  • 5
  • 63
  • 110