CVE-2017-5671
First published: Wed Mar 29 2017(Updated: )
Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Honeywell Intermec PC23 | <=10.10.011406 | |
| Honeywell Intermec PC42 Firmware | <=10.10.011406 | |
| Honeywell Intermec PC43 | <=10.10.011406 | |
| Honeywell Intermec Pd43 | <=10.10.011406 | |
| Honeywell Intermec PM23 Firmware | <=10.10.011406 | |
| Honeywell Intermec PM42 Firmware | <=10.10.011406 | |
| Honeywell PM43 Firmware | <=10.10.011406 | |
| Honeywell Intermec PC23 Firmware | ||
| Honeywell Intermec PC42 Firmware | ||
| Honeywell Intermec PC43 Firmware | ||
| Honeywell Intermec Pd43 Firmware | ||
| Honeywell Intermec PM23 Firmware | ||
| Honeywell Intermec Pm42 Firmware | ||
| Honeywell Intermec PM43 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://apps.intermec.com/downloads/eps_download/Firmware%20Release%20Notes%20x10_11_013310.pdf
- http://www.securityfocus.com/bid/97236
- https://akerva.com/blog/intermec-industrial-printers-local-root-with-busybox-jailbreak/
- https://github.com/kmkz/exploit/blob/master/CVE-2017-5671-Credits.pdf
- https://www.exploit-db.com/exploits/41754/
Frequently Asked Questions
What is the severity of CVE-2017-5671?
CVE-2017-5671 has a high severity rating due to its potential to allow local users to gain root privileges.
How do I fix CVE-2017-5671?
To fix CVE-2017-5671, update the Honeywell Intermec printers to firmware version 10.11.013310 or higher.
Which devices are affected by CVE-2017-5671?
CVE-2017-5671 affects the Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers with versions before 10.11.013310.
What attack can be conducted due to CVE-2017-5671?
CVE-2017-5671 allows local users to conduct a BusyBox jailbreak attack to obtain root privileges on the affected printers.
Is there a known workaround for CVE-2017-5671?
There are no known workarounds for CVE-2017-5671; the recommended action is to upgrade the firmware.
- agent/type
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/honeywell
- canonical/honeywell intermec pc23
- version/honeywell intermec pc23/10.10.011406
- canonical/honeywell intermec pc42 firmware
- version/honeywell intermec pc42 firmware/10.10.011406
- canonical/honeywell intermec pc43
- version/honeywell intermec pc43/10.10.011406
- canonical/honeywell intermec pd43
- version/honeywell intermec pd43/10.10.011406
- canonical/honeywell intermec pm23 firmware
- version/honeywell intermec pm23 firmware/10.10.011406
- canonical/honeywell intermec pm42 firmware
- version/honeywell intermec pm42 firmware/10.10.011406
- canonical/honeywell pm43 firmware
- version/honeywell pm43 firmware/10.10.011406
- canonical/honeywell intermec pc43 firmware
- canonical/honeywell intermec pd43 firmware
- canonical/honeywell intermec pm43 firmware