PT-2022-17070 · Printix · Printix Secure Cloud Print Management
Logan Latvala
·
Published
2022-03-02
·
Updated
2022-09-03
·
CVE-2022-25089
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Printix Secure Cloud Print Management versions 1.3.1106.0 and earlier
Description
The issue concerns the incorrect use of Privileged APIs to modify values in HKEY LOCAL MACHINE via UITasks.PersistentRegistryData. This could potentially lead to unauthorized changes in the system registry.
Recommendations
For Printix Secure Cloud Print Management versions 1.3.1106.0 and earlier, consider restricting access to the
UITasks.PersistentRegistryData until a proper fix is applied to prevent unauthorized modifications to the system registry.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Printix Secure Cloud Print Management