Page 108 - CDM-CYBER-DEFENSE-eMAGAZINE-December-2018
P. 108

Faxploit: Critical Flaws in The Fax Protocol? Not So Fast…


            Cause for Vigilance, But Not Panic

            By Sébastien Boire-Lavigne, Executive Vice President and CTO, XMedius Solutions Inc.





            At DEF CON 2018, Eyal Itkin and Yaniv Balmas, researchers from Israeli security software developer
            Check Point, demonstrated an exploit in the fax protocols of an HP multifunction device (MFD). The
            demonstration highlighted a vulnerability in said protocols that allows an attacker to send a malicious
            image file to the device, enabling them to use the device as an access point into an entire IT network.
            Once in, hackers would be able to gain access to confidential information, install ransomware or perform
            any number of other heinous activities.

            While most hacks we hear about in the media are performed through the internet, this demonstration,
            aptly named “Faxploit,” exploited a vulnerability in fax protocols that could serve as a potential entry point
            for cybercriminals. The result? Within a short period, there was widespread media frenzy. Headlines like
            “Your Fax Machine is a Threat to Your Organization!” flooded news feeds around the globe, causing
            panic. Faxploit, however, is not a cause for panic – it’s an event that reminds us all to pay more attention
            to all devices in our network.

            Whatever outdated connotations the word “fax” carries with it, it is still a method of secure document
            transmission  that  is  widely  used  in  the  healthcare,  legal,  finance,  government  sectors,  and  more.
            According to Check Point, there are over 17 million business fax terminals still in use in the U.S. alone.

            It is important to note that the specific protocols used as an entry vector in the Faxploit demonstration
            (CVE-2018-5924 and CVE-2018-5925) are the color fax protocols of the HP device. Color faxing is not
            an immensely popular form of document transmission and usually not supported by modern Fax-over-IP
            (FoIP) systems. This, of course, is not to underplay the remarkable research that was carried out, but







                                 108
   103   104   105   106   107   108   109   110   111   112   113