Samsung printer drivers allow attackers to escalate privileges
HP has provided an updated universal driver for Windows for Samsung's office printers. It closes a privilege escalation vulnerability.
HP warns of a security vulnerability in the universal printer drivers for Samsung printers in Windows. Attackers can escalate their privileges on the system and thus cause damage.
As HP writes in a security announcement, the Samsung universal printer drivers for Windows are "potentially vulnerable to privilege escalation". According to the original CVE entry, this allows attackers to create a reverse shell in the tool (CVE-2024-5760, CVSS 8.2 according to HP, risk "high").
Restriction: Only devices and apps from before 2018 affected
The US IT security authority has classified the vulnerability as being of the "inadequate rights management" type. HP's developers add the restriction that this only affects products in the app that were released or manufactured before 2018.
No further details are currently known. HP's developers do not explain what an attack could look like, whether exploitation from the local network is possible, or whether the vulnerability is already being exploited. The company also does not mention any optional countermeasures to reduce the risk posed by the vulnerability if an update is not yet possible.
IT managers and owners of Samsung printers can find the updated software on HP's driver download page. There they have to search for the model number of the printer. As the vulnerability is classified as high-risk, those affected should not hesitate for long, but download and apply the update quickly.
At the end of February, HP had to close security vulnerabilities in various Enterprise and LaserJet printer models. Without a firmware update, attackers could otherwise have injected malicious code or leaked information without authorization.
(dmk)