CVE-2024-34329

HIGH

Entrust Datacard XPS Card Printer Driver <8.5 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-34329. PoCs published by pamoutaf.

AI-analyzed exploit summary: The exploit leverages insecure file permissions in Datacard XPS Card Printer Driver to achieve local privilege escalation by planting a malicious DLL (DEVOBJ.dll or CFGMGR32.dll) in a writable directory, which is executed with SYSTEM privileges during service startup.

Description

Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.5 and earlier without the dxp1-patch-E24-004 patch allow unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload.

Exploits (1)

nomisec WORKING POC
by pamoutaf · poc
https://github.com/pamoutaf/CVE-2024-34329


Classification: Working PoC 90%
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: Datacard XPS Card Printer Driver <= 8.4
Auth required
Prerequisites: Low-privileged user access · Ability to write to C:\ProgramData\Datacard\XPS Card Printer\Service · Administrator to install the driver
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 8.4
EPSS 0.0059
EPSS Percentile 43.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-277
Status published
Published Jul 22, 2024
Tracked Since Feb 18, 2026