Zebra Industrial Printers

Monitor5.3ICS-CERT ICSA-19-232-01Aug 20, 2019

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

A vulnerability in Zebra Industrial Printers allows a remote attacker to send specially crafted network packets to retrieve the front control panel passcode. Successful exploitation grants unauthorized access to printer control settings. The vulnerability affects all Zebra industrial printer models. Zebra has released updated firmware via LinkOS that addresses this issue.

What this means

What could happen

An attacker with network access to the printer could retrieve the front control panel passcode, enabling unauthorized access to printer settings and potentially job data or system configuration.

Who's at risk

Manufacturing facilities using Zebra industrial printers for product labeling, barcode marking, or document printing should assess exposure. This affects label printers, receipt printers, card printers, and any networked Zebra printing device used in production or quality control workflows.

How it could be exploited

An attacker sends specially crafted packets to a specific port on the Zebra printer to extract the control panel passcode. This requires direct network connectivity to the printer but no credentials or user interaction.

Prerequisites

Network access to the printer (port not specified in advisory)
Printer must be reachable from attacker's network segment

remotely exploitableno authentication requiredlow complexity

Exploitability

Low exploit probability (EPSS 0.3%)

Affected products (1)

ProductAffected VersionsFix Status

Industrial Printers: AllAll versionsAvailable via Zebra LinkOS

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDConfigure network firewall rules to restrict access to printer to authorized subnets only; prevent direct Internet connectivity to printers

WORKAROUNDIf remote printer access is required, use Weblink Technology or similar encrypted tunnel solutions instead of direct network access

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate to latest Zebra LinkOS firmware version from https://www.zebra.com/linkos

Long-term hardening

0/1

HARDENINGSegment printer network behind firewall, separate from business/office network and fully isolated from Internet-facing systems

CVEs (1)

CVE-2019-10960

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/34b1e5e0-4553-4ac2-a09e-d59175355dc5