VYPR
High severity8.8NVD Advisory· Published Mar 29, 2017· Updated Jun 17, 2026

CVE-2017-5671

CVE-2017-5671

Description

Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:o:honeywell:intermec_pc23_firmware:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:honeywell:intermec_pc23_firmware:*:*:*:*:*:*:*:*range: <=10.10.011406
    • cpe:2.3:o:honeywell:intermec_pc43_firmware:*:*:*:*:*:*:*:*range: <=10.10.011406
    • cpe:2.3:o:honeywell:intermec_pm23_firmware:*:*:*:*:*:*:*:*range: <=10.10.011406
    • cpe:2.3:o:honeywell:intermec_pm43_firmware:*:*:*:*:*:*:*:*range: <=10.10.011406
  • cpe:2.3:o:honeywell:intermec_pc42_firmware:*:*:*:*:*:*:*:*
    Range: <=10.10.011406
  • cpe:2.3:o:honeywell:intermec_pd43_firmware:*:*:*:*:*:*:*:*
    Range: <=10.10.011406
  • cpe:2.3:o:honeywell:intermec_pm42_firmware:*:*:*:*:*:*:*:*
    Range: <=10.10.011406
  • Range: <10.11.013310

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.