Re: sorry, but is this so unreasonable?
Unfortunately not. Most "new" multi-function scanners that save to an SMB share only use SMBv1! That means, that if you have a corporate network with multi-function scanners from the likes of, say Konica Minolta and the staff can scan documents to a share, then the share has to have SMBv1 enabled!
Obviously the mitigation here is that no corporate network in its right mind would open up SMB ports to the internet... On the other hand, those leased multi function devices often phone home, so they are the weak link. If they have remote access ports open and have an attack weakness, they can be used as a bridgehead into the network.
Windows XP only uses SMBv1 by default, so any company still using legacy XP machines may also be vulnerable.
Biting the hand that feeds IT
