CVE-2017-5671

Name: CVE-2017-5671
Creator: NVD / NIST
Published: 2017-03-29T14:59:00.377+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.40%

Last modified Jun 17, 2026

CVE-2017-5671 is a vulnerability of currently unknown severity. Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file.. EPSS estimates a 1.40% chance of exploitation in the next 30 days.

Description

Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file.

Metrics

EPSS Probability

1.40%

69.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-269

Affected Software

Vendor	Product	Versions
Honeywell	Intermec Pc23 Firmware	<= 10.10.011406
Honeywell	Intermec Pc42 Firmware	<= 10.10.011406
Honeywell	Intermec Pc43 Firmware	<= 10.10.011406
Honeywell	Intermec Pd43 Firmware	<= 10.10.011406
Honeywell	Intermec Pm23 Firmware	<= 10.10.011406
Honeywell	Intermec Pm42 Firmware	<= 10.10.011406
Honeywell	Intermec Pm43 Firmware	<= 10.10.011406

References

http://apps.intermec.com/downloads/eps_download/Firmware%20Release%20Notes%20x10_11_013310.pdfRelease Notes
http://www.securityfocus.com/bid/97236Third Party Advisory, VDB Entry
https://akerva.com/blog/intermec-industrial-printers-local-root-with-busybox-jailbreak/Exploit, Patch, Third Party Advisory
https://github.com/kmkz/exploit/blob/master/CVE-2017-5671-Credits.pdfVendor Advisory
https://www.exploit-db.com/exploits/41754/
http://apps.intermec.com/downloads/eps_download/Firmware%20Release%20Notes%20x10_11_013310.pdfRelease Notes
http://www.securityfocus.com/bid/97236Third Party Advisory, VDB Entry
https://akerva.com/blog/intermec-industrial-printers-local-root-with-busybox-jailbreak/Exploit, Patch, Third Party Advisory
https://github.com/kmkz/exploit/blob/master/CVE-2017-5671-Credits.pdfVendor Advisory
https://www.exploit-db.com/exploits/41754/

Timeline

Published: Mar 29, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-5671?

How severe is CVE-2017-5671?

Severity scoring for CVE-2017-5671 is pending analysis. The EPSS model estimates a 1.40% probability of exploitation in the next 30 days.

How do I fix CVE-2017-5671?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-5671?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST