Printers branded as Samsung and Dell contain a backdoor administrator account that cannot be disabled, and which can be used to take control of the device and launch further attacks on a network, the Computer Emergency Response Team (CERT) said in an advisory.
The printers are all made by Samsung and contain a Simple Network Management Protocol (SNMP) community string with full read and write privileges.
Even if SNMP is disabled in the printers' management utilities, the community string remains active and the device vulnerable, CERT said.
CERT warned that "a remote, unauthenticated attacker could access an affected device with administrative privileges."
Such an attacker has "the ability to make changes to the device configuration, access to sensitive information (eg., device and network information, credentials, and information passed to the printer), and the ability to leverage further attacks through arbitrary code execution," according to CERT.
To mitigate against the security flaw, CERT suggested firewalling off the SNMP trap port at 1118 UDP and to ensure the printers do not face the Internet.
Dell and Samsung have both said they will release patches to rectify the vulnerability and that printers sold after October this year are unaffected.
Smith said that the community string has been found in printer firmware dating back to 2004.