HP patches vulnerable driver lurking in printers for 16 years

silversurfer

HP has patched a severe vulnerability that has been hidden in a printer driver for 16 years.

On Tuesday, SentinelLabs published an analysis of the vulnerability, tracked as CVE-2021-3438 and issued a CVSS score of 8.8.

The security issue is described as a "potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege."

According to the researchers, some HP, Xerox, and Samsung printer models contained vulnerable driver software, sold worldwide since 2005.

The driver in question, SSPORT.SYS, is automatically installed and activated, whether the model was wireless or cabled. The driver is also loaded automatically by Microsoft's Windows operating system on PC boot.

"This makes the driver a perfect candidate to target since it will always be loaded on the machine even if there is no printer connected," the researchers say.
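An inventory check for the driver described above, added here as an example and not part of the original post or the SentinelLabs analysis: it lists any registered kernel driver whose image is ssport.sys, plus any copy in the drivers directory, and reports the file version and SHA-256. The function name `Get-SsportDriverStatus` and the default drivers directory are assumptions.

```powershell
# Added example: inventory check for the SSPORT.SYS driver named in the article.
# Assumption: drivers live under %SystemRoot%\System32\drivers (the Windows default).
function Get-SsportDriverStatus {
    [CmdletBinding()]
    param(
        [string]$DriverFile = 'ssport.sys',
        [string]$DriverDir  = (Join-Path $env:SystemRoot 'System32\drivers')
    )

    # Kernel driver services whose image path ends in the driver file name.
    # -like is case-insensitive, so SSPORT.SYS and ssport.sys both match.
    $services = @(Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.PathName -and ($_.PathName -like "*\$DriverFile") })

    # Candidate files: every registered image path (NT "\??\" prefix stripped)
    # plus the default location, in case the file is on disk but not registered.
    $paths = @($services | ForEach-Object { $_.PathName -replace '^\\\?\?\\', '' })
    $paths += Join-Path $DriverDir $DriverFile
    $paths = @($paths | Where-Object { Test-Path -LiteralPath $_ } | Sort-Object -Unique)

    foreach ($p in $paths) {
        # Match the file back to its service entry, if one exists.
        $svc = $services | Where-Object {
            $_.PathName.EndsWith($p, [System.StringComparison]::OrdinalIgnoreCase)
        } | Select-Object -First 1

        [pscustomobject]@{
            Path        = $p
            FileVersion = (Get-Item -LiteralPath $p).VersionInfo.FileVersion
            SHA256      = (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash
            Service     = $svc.Name       # empty when the file is not registered
            State       = $svc.State      # "Running" means it is loaded right now
            StartMode   = $svc.StartMode  # how Windows starts the driver
        }
    }
}

# No output means no copy of the driver was found on this host.
Get-SsportDriverStatus | Format-List
```

The page does not state which driver version contains the fix, so compare the reported `FileVersion` against HP's advisory for CVE-2021-3438.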
 
