CVE-2022-25090

HIGH

Kofax Printix < 1.3.1106.0 - Race Condition

Title source: rule

Description

Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition.

Exploits (2)

exploitdb WORKING POC

by Logan Latvala · localwindows

https://www.exploit-db.com/exploits/50812

View Code ZIP pw:eip

nomisec WORKING POC 5 stars

by ComparedArray · poc

https://github.com/ComparedArray/printix-CVE-2022-25090

View Code ZIP pw:eip

References (5)

[Broken Link] http://printix.com

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/50812

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/166242/Printix-Client-1.3.1106.0-Privilege-Escalation.html

[Third Party Advisory] https://github.com/ComparedArray/printix-CVE-2022-25090

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/167012/Printix-1.3.1106.0-Privilege-Escalation.html

Scores

CVSS v3 8.1

EPSS 0.1236

EPSS Percentile 93.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-362

Status published

Products (1)

kofax/printix < 1.3.1106.0

Published Mar 10, 2022

Tracked Since Feb 18, 2026