A 16-year-old security vulnerability found in an HP, Xerox, and Samsung printer driver allows attackers to get admin rights on systems using the vulnerable driver software.

This high severity vulnerability, which has been present in the printer software since 2005, impacts hundreds of millions of devices and millions of users worldwide.

The security flaw dubbed as CVE-2021-3438 is a buffer overflow in the SSPORT.SYS driver for specific printer models that could lead to a local escalation of user privileges.

The researchers at SentinelOne discovered that the buggy driver automatically gets installed with the printer software and will be loaded by Windows after each system reboot.

This makes it the perfect target for attackers who need an easy way to escalate privileges, as it is easy to abuse the bug even when the printer is not connected to the targeted device.

For successful exploitation of this, local user access is required which means that threat actors will need to first get a foothold on the targeted devices.

Once they get this, they can abuse the security bug to escalate privileges in low complexity attacks without requiring user interaction.

The researchers stated that on successfully exploiting a driver vulnerability might allow attackers to potentially install programs, view, change, encrypt or delete data, or create new accounts with full user rights.

As there is no evidence of this vulnerability being exploited in the wild is available, with hundreds of millions of enterprises and users currently vulnerable, it is inevitable that attackers will look for those that do not take the appropriate action.

HP, Xerox, and Samsung enterprise and home customers are urged to apply the patches provided by the two vendors as soon as possible.

As this driver comes with Microsoft Windows via Windows Update, some Windows machines may already have this driver without even running a dedicated installation file.so

The post 16-year-old bug in printer software gives hackers admin rights first appeared on Cybersafe News.

You May Also Like

Critical vulnerability affects every Linux application including interpreters of other languages like PHP, Python and any language linked to glibc

Security issues in the GNU C library (gblic) can be disastrous for…

Update EVlink electric car charging stations software; critical vulnerabilities allow cyber criminals to burn down vehicles

Security teams at Schneider Electric announced the correction of multiple flaws in…

3 important vulnerabilities in Samba: Patch immediately

Samba announced the release of some updates that aim to address various…