Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-3438 |
CWE-ID | CWE-119 |
Exploitation vector | Local |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
ssport.sys Hardware solutions / Drivers |
Vendor | Microsoft |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU55241
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3438
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the software drivers. A local user can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Below is the list of printer models with the vulnerable driver.
Product Name |
Model |
Software Version |
---|---|---|
HP Color Laser 150 Series |
4ZB94A, 4ZB95A |
Printer_CVE-2021-3438_update.exe HP_Color_Laser_150_Full_Software_and_Drivers_1.16.exe HP_Color_Laser_150_Print_Drivers_1.16.exe HP_Color_Laser_150_Driver.exe |
HP Color Laser MFP 170 Series - 178/179 |
4ZB96A, 4ZB97A, 6HU08A, 6HU09A |
Printer_CVE-2021-3438_update.exe HP_Color_Laser_MFP_178_179_Full_Software_and_Drivers_1.15.exe HP_Color_Laser_MFP_178_179_Driver.exe HP_Color_Laser_MFP_178_179_Print_Scan_Drivers_1.15.exe |
HP Laser 100 Series - 103/107/108 |
4ZB81A, 5UE14A, 209U7A, 4ZB79A, 4ZB80A |
Printer_CVE-2021-3438_update.exe HP_Laser_103_107_108_Print_Driver_1.16.exe HP_Laser_103_107_108_Full_Software_and_Drivers_1.16.exe HP_Laser_103_107_108_Driver.exe |
HP Laser 408 Printer Series |
7UQ75A |
Printer_CVE-2021-3438_update.exe HP_Laser_408_Print_Driver_Add_Printer_1.06.exe HP_Laser_408_Print_Driver_1.06.exe |
HP Laser MFP 130 Series - 131/133/135/137/138 |
4ZB92A, 4ZB93A, 4ZB82A, 6HU10A, 5UE15A, 4ZB83A, 6HU11A, 4ZB85A, 4ZB87A, 4ZB86A, 9VV52A, 4ZB84A, 6HU12A, 4ZB91A, 4ZB88A, 4ZB89A, 4ZB90A |
Printer_CVE-2021-3438_update.exe HP_ Laser_MFP_131_133_135-138_Full_Software_and_Drivers_1.15.exe HP_ Laser_MFP_131_133_135-138_Print_Scan_Drivers_1.15.exe HP_ Laser_MFP_131_133_135-138_Driver.exe |
HP Laser MFP 432 Series |
7UQ76A |
Printer_CVE-2021-3438_update.exe HP_Laser_MFP_432_Print_Scan_Drivers_1.07.exe HP_Laser_MFP_432_Print_Driver_only_1.07.exe HP_Laser_MFP_432_Full_Software_and_Drivers_1.07.exe |
HP LaserJet MFP M4252x Series |
7AB26A, 7ZB25A, 7ZB72A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M42523-M42625_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M42523-M42625_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M42523-M42625_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M4262x Series |
8AF49A, 8AF50A, 8AF51A, 8AF52A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M42523-M42625_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M42523-M42625_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M42523-M42625_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M433 Printer Series |
1VR14A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M433_Full_Software_and_Drivers_1.03.exe HP_LaserJet_MFP_M433_Print_Driver_only_1.03.exe HP_LaserJet_MFP_M433_Print_Scan_Drivers_1.03.exe |
HP LaserJet MFP M436 Printer Series |
2KY38A, W7U01A, W7U02A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M436_Print_Scan_Drivers_1.13.exe HP_LaserJet_MFP_M436_Print_Driver_only_1.13.exe HP_LaserJet_MFP_M436_Full_Software_and_Drivers_1.13.exe |
HP LaserJet MFP M437 Series |
7ZB20A, 7ZB19A, 7ZB21A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M437-M443_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M438 Series |
8AF43A, 8AF44A, 8AF45A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M437-M443_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M439 Series |
7ZB22A, 7ZB23A, 7ZB24A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M437-M443_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M440 Series |
8AF46A, 8AF47A, 8AF48A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M437-M443_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M442 Series |
8AF71A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M437-M443_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M443 Series |
8AF72A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M437-M443_Full_Software_and_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Scan_Drivers_V1.04.exe HP_LaserJet_MFP_M437-M443_Print_Driver_only_V1.04.exe |
HP LaserJet MFP M72625-M72630 Series |
2ZN49A, 2ZN50A |
Printer_CVE-2021-3438_update.exe HP_LaserJet_MFP_M72625_M72630_Full_Software_and_Drivers_1.05.exe HP_LaserJet_MFP_M72625_M72630_Print_only_1.05.exe HP_LaserJet_MFP_M72625_M72630_Print_Scan_Drivers_1.05.exe |
Samsung CLP-360 Color Laser Printer series |
SS062A |
Printer_CVE-2021-3438_update.exe |
Samsung CLP-365 Color Laser Printer Series |
SS066A, SW139A, SS067A |
Printer_CVE-2021-3438_update.exe |
Samsung CLP-366 Color Laser Printer series |
SS068A, SV600A |
Printer_CVE-2021-3438_update.exe |
Samsung CLP-368 Color Laser Printer series |
SV601A |
Printer_CVE-2021-3438_update.exe |
Samsung CLP-560 Color Laser Printer Series |
SV611A, SV612A |
Printer_CVE-2021-3438_update.exe |
Samsung CLP-680 Color Laser Printer Series |
SS075A, SS076A |
Printer_CVE-2021-3438_update.exe CLP-680_Series_WIN_SPL_PCL_V3.13.06.00.33_CDV1.23.exe CLP-680_Series_WIN_PS_V2.01.09.26_CDV1.23.exe CLP-680_Series_WIN_Printer_V3.13.06.00.33_CDV1.23.zip |
Samsung CLP-775 Color Laser Printer Series |
SS078A, SS079A |
Printer_CVE-2021-3438_update.exe |
Samsung CLX-3300 Color Laser Multifunction Printer series |
SS088A, SV677A |
Printer_CVE-2021-3438_update.exe |
Samsung CLX-3305 Color Laser Multifunction Printer Series |
SS093A, SS094A, SS095A, SS096A |
Printer_CVE-2021-3438_update.exe |
Samsung CLX-6260 Color Laser Multifunction Printer Series |
SS105A, SS106A, SS107A, SW177A, SS108A |
Printer_CVE-2021-3438_update.exe CLX-6260_Series_WIN_SPL_PCL_V3.13.12.02.31_CDV1.25.exe CLX-6260_Series_WIN_PS_V2.01.09.25_CDV1.25.exe CLX-6260_Series_WIN_Printer_V3.13.12.02.31_CDV1.25.zip CLX-6260_Series_WIN_Scanner_V3.21.65.11_CDV1.25.exe |
Samsung ML-3750 Laser Printer Series |
SS138A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-4510 Laser Printer series |
SS141A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-4512 Laser Printer series |
SS142A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-5010 Laser Printer series |
SS145A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-5012 Laser Printer series |
SS146A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-5015 Laser Printer Series |
SS147A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-5017 Laser Printer series |
SS148A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-551x Laser Printer Series |
SS149A, SS150A,SV897A, SV898A, SS151A,SS152A |
Printer_CVE-2021-3438_update.exe |
Samsung ML-651x Laser Printer Series |
SS153A, SV899C, SV900A, SV901A, SS154A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress CLX-9251 Laser Multifunction Printer series |
SS005A, SV719A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress CLX-9301 Laser Multifunction Printer Series |
SW179A, SS007A, SW152A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SCX-8128 Laser Multifunction Printer Series |
SS018A, SS019A, SS020A, SW172A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SCX-8230 Laser Multifunction Printer series |
SS021A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SCX-8240 Laser Multifunction Printer Series |
SS022A, ST717A, SW185A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K2200 Laser Multifunction Printer |
SS024A, SS025A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K3250 Laser Multifunction Printer Series |
SS027E |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K3300 Laser Multifunction Printer series |
SS028A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K4250 Laser Multifunction Printer series |
SS030A, SS031A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K4300 Laser Multifunction Printer series |
SS032A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K4350 Laser Multifunction Printer Series |
SS033A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K7400 Laser Multifunction Printer series |
SS037A, SS038A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K7500 Laser Multifunction Printer series |
SS039A, SS040A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-K7600 Laser Multifunction Printer Series |
SS041A, SS042A |
Printer_CVE-2021-3438_update.exe |
Samsung MultiXpress SL-M4370 Laser Multifunction Printer Series |
SS396A, SW117A |
Printer_CVE-2021-3438_update.exe M4370_5370_Series_WIN_Printer_V3.13.14.08.41_CDV1.37.zip M4370_5370_Series_WIN_Scanner_V3.32.12_CDV1.37.exe |
Samsung MultiXpress SL-M5360 Laser Multifunction Printer Series |
SS403A |
Printer_CVE-2021-3438_update.exe M4370_5370_Series_WIN_Printer_V3.13.14.08.41_CDV1.37.zip M4370_5370_Series_WIN_Scanner_V3.32.12_CDV1.37.exe |
Samsung MultiXpress SL-M5370 Laser Multifunction Printer Series |
SS404A, SW121A |
Printer_CVE-2021-3438_update.exe M4370_5370_Series_WIN_Printer_V3.13.14.08.41_CDV1.37.zip M4370_5370_Series_WIN_Scanner_V3.32 MitigationInstall updates from vendor's website. Vulnerable software versionsssport.sys: All versions External linkshttp://support.hp.com/us-en/document/ish_3900395-3833905-16 Q & A Can this vulnerability be exploited remotely? No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system. Is there known malware, which exploits this vulnerability? No. We are not aware of malware exploiting this vulnerability. |