Security flaw tracked as CVE-2021-3438 is a buffer overflow in the SSPORT.SYS driver for specific printer models that could lead to a local escalation of user privileges. The buggy driver automatically gets installed with the printer software and will be loaded by Windows after each system reboot. The bug can be abused even when the printer is not connected to the targeted device. The vulnerability has been present in HP, Samsung, and Xerox printer software since 2005, researchers say.
Source: https://www.bleepingcomputer.com/news/security/16-year-old-bug-in-printer-software-gives-hackers-admin-rights/