Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
Some HP, Samsung and Xerox Printers Have 16-Year-Old Security Flaw
July 22, 2021
When it comes to updating software, don’t forget about other devices such as printers, monitors or router firmware. Case in point – SentinelLabs has discovered a 16-year-old vulnerability that has existed in a vulnerable printer driver for millions of HP, Samsung and Xerox printers. The vulnerability is a buffer overflow (CVE-2021-3438) in the SSPORT.SYS driver for specific printer models that could lead to a local escalation of user privileges. The list of impacted printers includes over 380 HP and Samsung models and at least a dozen Xerox models. A list of printers running the vulnerable driver can be found in HP’s security advisory and this Xerox security mini bulletin.
Obviously, if you have a printer running the vulnerable driver, apply the update now.