November 28, 2023

16 years of printer weakness

16 years of printer weakness

Researchers have discovered a security vulnerability in drivers from Samsung, HP, and Xerox. There are 16 million printers at risk of taking over the system.

The basics in brief

  • Millions of printers have faced massive security vulnerabilities for 16 years.
  • That’s what researchers from SentinelOne found.
  • Security patches are now available for 380 models from Samsung, HP, and Xerox.

SentinelOne Seeker I found an IT security leak that has been around for 16 years. According to the “Der Standard”, this affects millions of printers from three manufacturers. It is recommended that affected users install the published security patches.

Printers provide access to the system

Drivers affected by Samsungand HP and Xerox for more than 380 models of printers. Attackers can use a buffer overflow to achieve what is known as “privilege escalation”. thus under windows Gain control of the “System” account. With that they will have hacker Access with maximum rights.

The vulnerability can be found in security databases under entry “CVE-2021-3438”. The risk was rated highly at 7.8. The three companies advanced knowledge of discoveries. HP and Xerox (PDF) have already published corresponding security patches, the first also works Samsung– Hardware.

Installation is highly recommended for owners of affected models. A list of models is provided in the manufacturer’s safety bulletins. Security researchers assure that the printer software driver is always installed, even if the software is uninstalled. This will be too In every system it starts Loaded regardless of whether the printer is connected or not.

More on this topic:

Windows Samsung Hacker Xerox

See also  Recent information, new history and video