This ancient printer security bug affects millions of devices worldwide

Printer
(Image credit: Shutterstock)

Cybersecurity researchers have helped patch a privilege escalation vulnerability in the printer driver for HP, Samsung, and Xerox printers that managed to evade detection for 16 years.

SentinelOne, which unearthed the high severity vulnerability, believes it has been present since 2005, and likely affects millions of devices and likely millions of users worldwide. 

According to the company's researchers, the vulnerable driver ships with over 380 different HP and Samsung printer models as well as at least a dozen different Xerox products.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

>> Click here to start the survey in a new window <<

"Successfully exploiting a driver vulnerability might allow attackers to potentially install programs, view, change, encrypt or delete data, or create new accounts with full user rights," explained Asaf Amir, VP of Research at SentinelOne.

Ghosts of devices past

The security flaw, tracked as CVE-2021-3438, is explained as a buffer overflow vulnerability that could be exploited in a local user privilege escalation attack.

Moreover since the bug exists in the printer driver, which gets loaded automatically by Windows, the vulnerability can be exploited even when the printer isn’t connected to the targeted device.

The only saving grace is that to exploit the bug, the attackers need local user access to the system with the buggy driver. 

"While we haven't seen any indicators that this vulnerability has been exploited in the wild up till now, with hundreds of millions of enterprises and users currently vulnerable, it is inevitable that attackers will seek out those that do not take the appropriate action," concludes Amir urging users of the affected devices to patch their drivers immediately. 

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
Digital image of a lock.
Xerox printer security risk could let hackers sneak into your systems
A computer being guarded by cybersecurity.
Huge cyberattack found hitting vulnerable Microsoft-signed legacy drivers to get past security
Avast cybersecurity
An unpatched Windows zero-day flaw has been exploited by 11 nation-state attackers
Flag of the People&#039;s Republic of China overlaid with a technological network of wires and circuits.
One of the biggest flaws exploited by Salt Typhoon hackers has had a patch available for years
A VPN runs on a mobile phone placed on a laptop keyboard
SonicWall firewalls hit by worrying cyberattack
HP LaserJet 8501x
HP launches world's first printers that can resist quantum computer attacks
Latest in Pro
Group of people meeting
Inflexible work policies are pushing tech workers to quit
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
An image of network security icons for a network encircling a digital blue earth.
Why multi-CDNs are going to shake up 2025
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Latest in News
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is currently making a major announcement about the MCU, and I think we're getting an official Avengers: Doomsday cast reveal
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch
Image of Naoe in AC Shadows
Assassin's Creed Shadows best graphics settings for PS5, PS5 Pro, and Xbox Series X
Promotional image for Malcolm in the Middle featuring the original cast playing golf
Malcolm in the Middle's Disney+ revival gets underway as the series finds its cast – here's which characters are returning
Group of people meeting
Inflexible work policies are pushing tech workers to quit