16-year-old bug in printer software gives hackers admin rights


A 16-year-old safety susceptability discovered in an HP, Xerox, as well as Samsung printers chauffeur enables aggressors to obtain admin rights on systems utilizing the prone chauffeur software.

“This high severity vulnerability, which has been present in HP, Samsung, and Xerox printer software since 2005, affects hundreds of millions of devices and millions of users worldwide,” according to a SentinelOne report released today as well as shown to BleepingComputer in development.

The safety problem tracked as CVE-2021-3438 is a barrier overflow in the SSPORT.SYS chauffeur for particular printer designs that might result in a neighborhood acceleration of individual benefits.

As the scientists uncovered, the buggy chauffeur immediately obtains set up with the printer software as well as will certainly be filled by Windows after each system reboot.

This makes it the excellent target for aggressors that require a simple means to rise benefits, because the bug can be abused also when the printer is not attached to the targeted tool.

Vulnerable driver set to load on system boot
Vulnerable chauffeur readied to fill on system boot (SentinelOne)

Successful exploitation needs neighborhood individual accessibility which indicates that risk stars will certainly require to very first obtain a grip on the targeted gadgets.

Once this is attained, they can abuse the safety bug to rise benefits in reduced intricacy strikes without needing individual communication.

The result is that aggressors with standard individual benefits can raise their benefits to SYSTEM as well as run code in bit setting, possibly bypassing safety items that would certainly obstruct their strikes or the distribution of added harmful hauls.

“Successfully exploiting a driver vulnerability might allow attackers to potentially install programs, view, change, encrypt or delete data, or create new accounts with full user rights,” SentinelOne describes.

“While we haven’t seen any indicators that this vulnerability has been exploited in the wild up till now, with hundreds of millions of enterprises and users currently vulnerable, it is inevitable that attackers will seek out those that do not take the appropriate action.”

Users prompted to upgrade ASAP

A listing of impacted printer designs utilizing the prone chauffeur can be discovered in HP’s security advisory as well as this Xerox security mini bulletin

HP, Xerox, as well as Samsung business as well as house clients are prompted to use the spots given by the 2 suppliers asap.

“Some Windows machines may already have this driver without even running a dedicated installation file, since this driver comes with Microsoft Windows via Windows Update,” the scientists included.

Earlier this year, SentinelOne scientists discovered a 12-year-old opportunity acceleration bug in Microsoft Defender Antivirus ( previously Windows Defender) that can allow aggressors obtain admin rights on unpatched Windows systems.

Microsoft Defender Antivirus is the default anti-malware remedy on more than 1 billion systems running Windows 10 per Microsoft’s statistics.

Comments are closed.

buy levitra buy levitra online