PT-2023-23676 · Vasion · Vasion Printerlogic Client
Published: 2023-07-25 · Updated: 2023-08-02 · CVE-2023-32232
CVSS v3.1: 9.9 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Vasion PrinterLogic Client for Windows versions prior to 25.0.0.836
Description
An issue was discovered in the Vasion PrinterLogic Client for Windows. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. This window is not hidden and runs with elevated privileges. A standard user can break out of this window, obtaining a full SYSTEM command prompt window, resulting in complete compromise via arbitrary SYSTEM code execution, which is an elevation of privileges.
Recommendations
For versions prior to 25.0.0.836, update to version 25.0.0.836 or later to resolve the issue. As a temporary workaround, consider restricting access to the installer and the PrinterLogic binary to minimize the risk of exploitation.
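Until hosts are updated, the condition in the description (a command shell running as SYSTEM on a user's desktop that descends from the installer) can be looked for in process-creation telemetry. The sketch below is an added example, not part of the advisory or vendor code; it assumes Sysmon Event ID 1 field names, uses constructed events, and uses the hypothetical placeholder name PLConfigHelper.exe because the advisory does not name the binary.

```python
# Added example. Field names follow Sysmon Event ID 1 (process creation).
# Every event below is constructed. "PLConfigHelper.exe" is a hypothetical
# placeholder: the advisory does not name the PrinterLogic binary.
SYSTEM = r"NT AUTHORITY\SYSTEM"
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}
INSTALLER_IMAGES = {"msiexec.exe", "plconfighelper.exe"}


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def find_system_shells(events):
    """Return SYSTEM shells in an interactive session that descend from the installer."""
    by_guid = {e["ProcessGuid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e["Image"]) not in SHELLS or e["User"].upper() != SYSTEM:
            continue
        if e["TerminalSessionId"] == 0:  # session 0 has no user desktop
            continue
        chain, seen, parent = [basename(e["Image"])], set(), e["ParentProcessGuid"]
        while parent in by_guid and parent not in seen:  # walk up, guard loops
            seen.add(parent)
            chain.append(basename(by_guid[parent]["Image"]))
            if chain[-1] in INSTALLER_IMAGES:
                alerts.append({"ProcessGuid": e["ProcessGuid"], "chain": chain})
                break
            parent = by_guid[parent]["ParentProcessGuid"]
    return alerts


def ev(guid, parent, image, user, session):
    return {"ProcessGuid": guid, "ParentProcessGuid": parent, "Image": image,
            "User": user, "TerminalSessionId": session}


SAMPLE_EVENTS = [  # constructed
    ev("g1", "g0", r"C:\Windows\System32\msiexec.exe", SYSTEM, 1),
    ev("g2", "g1", r"C:\Program Files\Example\PLConfigHelper.exe", SYSTEM, 1),
    ev("g3", "g2", r"C:\Windows\System32\cmd.exe", SYSTEM, 1),        # flagged
    ev("g4", "g9", r"C:\Windows\System32\cmd.exe", r"CORP\alice", 1),  # user shell
    ev("g5", "g1", r"C:\Windows\System32\cmd.exe", SYSTEM, 0),        # session 0
]

if __name__ == "__main__":
    for alert in find_system_shells(SAMPLE_EVENTS):
        print(alert["ProcessGuid"], " <- ".join(alert["chain"]))
```

Replace the placeholder image name with the binary actually observed on a host running a client version prior to 25.0.0.836 before using the rule.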
Fix
Related Identifiers
Affected Products
Vasion Printerlogic Client