CVE-2023-32232
N/A
N/A
Summary
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.836. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full SYSTEM command prompt window. This results in complete compromise via arbitrary SYSTEM code execution (elevation of privileges).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://docs.printercloud.com/1-Printerlogic/Release_Notes/Client_Release_Notes.htm
- https://www.vasion.com/press-releases/printerlogic-rebrands
- https://docs.printercloud.com/1-Printerlogic/Release_Notes/Security_Bulletin_CVE.htm
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://docs.printercloud.com/1-Printerlogic/Release_Notes/Client_Release_Notes.htm
- https://www.vasion.com/press-releases/printerlogic-rebrands
- https://docs.printercloud.com/1-Printerlogic/Release_Notes/Security_Bulletin_CVE.htm
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.