October 29, 2024


Episode 16


CVE-2024-5760: LPE + RCE in Samsung’s Universal Print Driver for Windows 


Authors: Matthew Bianchi and Hahna Kane Latonick

Introduction

Dark Wolf Solutions recently disclosed to HP Inc. (“HP”) a vulnerability associated with the Samsung Universal Print Driver (UPD) for Windows, running software version V3.00.16.0101 and earlier, that results in local privilege escalation (LPE) and allows for remote code execution (RCE). The Samsung UPD can communicate with many different Samsung printer models without needing to install individual printer-specific drivers for each model. HP continues to support the use of their Windows drivers to help users efficiently connect both HP and Samsung printers to their Windows devices.

Target Analysis

The Samsung Xpress SL-M2070FW Laser Multifunction Printer (Figure 1) uses the Samsung UPD and provides fast high-resolution printing, AirPrint for direct wireless printing, and Wi-Fi Protected Setup (WPS) for connecting the printer to a wireless network.