Since many companies use fax machines that are also printers and photocopiers, they often have a connection to the internal network.
The malicious images exploit protocols established in the 1980's that define the format of fax messages. The research was presented at the Def Con hacker conference in Las Vegas.
The two researchers said millions of companies could be at risk because they currently did little to secure fax lines.
"Fax has no security measures built in - absolutely nothing," security researcher Yaniv Balmas, from Check Point software, told the BBC.
Mr Balmas uncovered the security holes in the fax protocols with the help of colleague Eyal Itkin and said they were "surprised" by the extent to which fax was still used.
"There seems to be a lot of organisations, government agencies, banks and others that are still using fax," said Mr Balmas.
He added that there were historical and legal reasons why the ageing technology was still so prevalent.
"Fax is still considered as visual evidence in court but an email is not," he said. "That's why some government agencies require you to send a fax."
To read the full article please click here.