PT-2021-12703 · Unknown · Printchaser

Published

2021-12-28

Updated

2022-01-11

CVE-2020-7883

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Printchaser versions 2.2021.804.1 and earlier

Description: The issue allows a remote attacker to download and execute a remote file by setting the argument variable in the activeX module, which can be leveraged for code execution.

Recommendations: For versions 2.2021.804.1 and earlier, consider disabling the activeX module until a patch is available to prevent remote code execution. Restrict access to the activeX module to minimize the risk of exploitation. Avoid using the argument variable in the activeX module until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-494

Related Identifiers

CVE-2020-7883

Affected Products

Printchaser

PT-2021-12703 · Unknown · Printchaser

CVE-2020-7883

Weakness Enumeration

Related Identifiers

Affected Products

References · 3