HP printer driver bug spells trouble -- even if you do not have an HP printer

Posted on Thursday, Jul 22 2021 @ 15:18 CEST by Thomas De Maesschalck
MSFT logo
A vulnerability in a 16-year old HP printer driver is rendering hundreds of millions of Windows computers vulnerable to attack. Not owning a printer from HP is no guarantee that you're safe, as this driver ships with Windows by default and can be loaded by unprivileged users. The bug is identified as CVE-2021-3438, it's rated as high severity as it could allow attackers to run code in kernel mode.

ThreatPost has more details over here:
According to researchers, the vulnerability exists in a function inside the driver that accepts data sent from User Mode via Input/Output Control (IOCTL); it does so without validating the size parameter. As the name suggests, IOCTL is a system call for device-specific input/output operations.

“This function copies a string from the user input using ‘strncpy’ with a size parameter that is controlled by the user,” according to SentinelOne’s analysis, released on Tuesday. “Essentially, this allows attackers to overrun the buffer used by the driver.”

Thus, unprivileged users can elevate themselves into a SYSTEM account, allowing them to run code in kernel mode, since the vulnerable driver is locally available to anyone, according to the firm.
So far, no attack in the wild has been observed but it looks like an interesting bug to chain together with other vulnerabilities to gain remote access to a system. HP is releasing a patched driver but the certificate of the buggy driver has not yet been revoked, which means it can still be used for bring-your-own-vulnerable-driver (BYOVD) attacks.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments