October 29, 2024
Episode 16
CVE-2024-5760: LPE + RCE in Samsung’s Universal Print Driver for Windows
Authors: Matthew Bianchi and Hahna Kane Latonick
Introduction
Dark Wolf Solutions recently disclosed to HP Inc. (“HP”) a vulnerability associated with the Samsung Universal Print Driver (UPD) for Windows, running software version V3.00.16.0101 and earlier, that results in local privilege escalation (LPE) and allows for remote code execution (RCE). The Samsung UPD can communicate with many different Samsung printer models without needing to install individual printer-specific drivers for each model. HP continues to support the use of their Windows drivers to help users efficiently connect both HP and Samsung printers to their Windows devices.
Target Analysis
The Samsung Xpress SL-M2070FW Laser Multifunction Printer (Figure 1) uses the Samsung UPD and provides fast high-resolution printing, AirPrint for direct wireless printing, and Wi-Fi Protected Setup (WPS) for connecting the printer to a wireless network.