Scribd
Upload
106 views4 pages

SN-10.CVE-2021-34527 PrintNightmare Vulnerability v1.0.1

This document provides an overview of the Print Nightmare vulnerability (CVE-2021-34527) and its impact on IDIS products. It affects Windows systems by allowing remote code execution through the print spooler service. IDIS products using Windows could be vulnerable if the latest patches are not installed or the print spooler is not disabled. Workarounds and patches are suggested to protect systems from this vulnerability.

Uploaded by

Isaac Vargas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
106 views4 pages

SN-10.CVE-2021-34527 PrintNightmare Vulnerability v1.0.1

This document provides an overview of the Print Nightmare vulnerability (CVE-2021-34527) and its impact on IDIS products. It affects Windows systems by allowing remote code execution through the print spooler service. IDIS products using Windows could be vulnerable if the latest patches are not installed or the print spooler is not disabled. Workarounds and patches are suggested to protect systems from this vulnerability.

Uploaded by

Isaac Vargas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

SN-10

CVE-2021-34527 (Print Nightmare)


Vulnerability
Version 1.0.0
(Jul. 13. 2021)

© IDIS Co., Ltd. All rights reserved. IDIS and identifying product names and numbers herein are registered trademarks of IDIS Co., Ltd.
All non-IDIS brands and product names are trademarks of their respective companies.
Product appearance, build status and/or specifications are subject to change without notice.
CVE-2021-34527 (Print Nightmare) Vulnerability SN-10

1 Overview

The CVE-2021-34527 vulnerability called ‘Print Nightmare’ in Windows spooler service was revealed on
th
June 9 , 2021 [1]. This document provides a brief introduction to the ‘Print Nightmare’, and the impact of
these attacks on IDIS products.

2 What is ‘Print Nightmare’?

‘Print Nightmare’ is a bug in the Windows spooler service that under some circumstances can result in an
attacker being able to remotely run code on a Microsoft Windows system as the local SYSTEM user [2].

This means that hackers could exploit ‘Print Nightmare’ to gain elevated administrator privileges and execute
code remotely. In other words, it openly invites hackers to control your PC, install malware and ransomware,
and steal or destroy sensitive data without having to physically access your computer [3].

‘Print Nightmare’ affects all versions of Windows print spooler, including versions installed on Windows OS
based personal computers, enterprise networks, servers, and domain controllers [3].

3 Impacts of ‘Print Nightmare’ on IDIS Products

3.1 Standalone Products: NVRs, DVRs and IP Cameras

IDIS standalone products use Linux OS and is not relevant to this vulnerability.

3.2 Windows OS based Products

IDIS has the following Windows OS based products and these products are affected by this vulnerability.

(1) IR-100, IR-300(A), DV-2232, DV-3100, ID29/39xx: WES(Windows Embedded Standard) 8, 64bit

Windows print spooler will not accept client connections as a default until an authorized user shares out
a local printer or opens the print queue on a printer connection. But, if user shares out a local printer or
opens the print queue, Windows print spooler will begin accepting client connections and will be exposed
to this vulnerability.

(2) IR-1100: Windows Server 2016 or Windows 10, 64bit

Windows printer spooler will be activated and exposed to this vulnerability.

(3) IR-1000 : WES 8 or Windows Server 2012 R2, 64bit

Windows printer spooler will be activated and exposed to this vulnerability.

(4) IDIS Center or IDIS Solution Suite: Depending on user server’s Windows OS

Windows printer spooler will be activated and exposed to this vulnerability if this spooler service is not
disabled by user.

Version 1.0.0 2
CVE-2021-34527 (Print Nightmare) Vulnerability SN-10

Please do one of the following to protect your products from this vulnerability.

(1) Download and install the patch software corresponding to the installed Windows OS. (Recommended)

- WES 8 OS: KB5004956 Windows patch software

- Windows Server 2016 OS: KB5004948 Windows patch software

: Same as Windows 10’s KB5004948 patch software

- Windows 10 OS or other OSs : Please refer to Updates section of the MSRC > Customer Guidance
> Security Update Guide > Vulnerabilities > CVE 2021 34527 [4].

Please download and install the appropriate patch software after checking the Windows OS name
and version used in your product.

Windows OS name and version can be checked by the following command.

 Press ‘Windows ( ) + R’ keys, enter winver and click OK on ‘Run’ dialog box.

- Option) Please refer to the following site if you want to view installed patch software for Windows.

https://forums.ivanti.com/s/article/How-To-View-Installed-Updates-for-Windows-Using-
WMIC?language=en_US

(2) Disable the print spooler service

- Please refer to Workaround section of the MSRC > Customer Guidance > Security Update Guide >
Vulnerabilities > CVE 2021 34527 [4].

(3) Disable inbound remote printing through Group Policy

- Please refer to Workaround section of the MSRC > Customer Guidance > Security Update Guide >
Vulnerabilities > CVE 2021 34527 [4].

Contact Us

Additional information may be updated in this document in the future. Please contact IDIS HQ via email at
techsupport@idisglobal.com if you have any questions or concerns related to this issue.

Version 1.0.0 3
CVE-2021-34527 (Print Nightmare) Vulnerability SN-10

References

[1] https://cve.mitre.org/

[2] https://www.papercut.com/kb/Main/PrintNightmareCVE2021#what-is-print-nightmare

[3] https://eminetracanada.com/how-to-avoid-windows-print-nightmare-security-threats/213364/

[4] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

Version History

Version Writer Revision Date Remarks


1.0.1 Daniel Lee Jul. 13. 2021 Initial Release

Version 1.0.0 4

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy