CVE-2017-5671
HIGH
Honeywell Intermec PC23 Firmware - Improper Privilege Management
Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file.
Exploits (1)
exploitdb
WORKING POC
by Jean-Marie Bourbon · text · local · hardware
https://www.exploit-db.com/exploits/41754
References (5)
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/41754/
Release Notes x_refsource_confirm
http://apps.intermec.com/downloads/eps_download/Firmware%20Release%20Notes%20x10_11_013310.pdf
Exploit, Patch, Third Party Advisory x_refsource_misc
https://akerva.com/blog/intermec-industrial-printers-local-root-with-busybox-jailbreak/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/97236
Vendor Advisory x_refsource_confirm
https://github.com/kmkz/exploit/blob/master/CVE-2017-5671-Credits.pdf
Scores
CVSS v3
8.8
EPSS
0.0051
EPSS Percentile
66.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (7)
honeywell/intermec_pc23_firmware
< 10.10.011406
honeywell/intermec_pc42_firmware
< 10.10.011406
honeywell/intermec_pc43_firmware
< 10.10.011406
honeywell/intermec_pd43_firmware
< 10.10.011406
honeywell/intermec_pm23_firmware
< 10.10.011406
honeywell/intermec_pm42_firmware
< 10.10.011406
honeywell/intermec_pm43_firmware
< 10.10.011406
Published
Mar 29, 2017
Tracked Since
Feb 18, 2026