Samsung Printer Drivers Vulnerability: HP Releases Update.
HP has rolled out an updated universal driver for Windows to address a privilege escalation vulnerability in Samsung’s Office printers. This flaw allows attackers to potentially gain elevated rights within the system, posing a significant security risk.
In a recent security announcement, HP highlighted that the Samsung universal printer drivers for Windows are “potentially vulnerable to privilege escalation.” The vulnerability, tracked as CVE-2024-5760 and rated with a CVSS score of 8.2 (high risk), could enable attackers to create a reverse shell through the tool.
Affected Devices: Pre-2018 Models Only
The U.S. IT security authority has categorized this vulnerability as stemming from “inadequate rights management.” HP specified that only devices released or manufactured before 2018 are at risk.
Details on the potential attack vectors remain sparse. HP has not clarified whether exploitation is possible from the local network or if the vulnerability is currently being targeted. Additionally, the company has not provided guidance on alternative countermeasures while awaiting updates.
IT managers and Samsung printer owners can find the updated software on HPโs driver download page by searching for their specific printer model. Given the high-risk classification of this vulnerability, affected users are urged to download and apply the update promptly. Earlier this year, HP addressed similar security gaps in various Enterprise and LaserJet printer models, emphasizing the importance of timely firmware updates to prevent unauthorized access or data leaks.