Details of VAR-201703-0741

ID

VAR-201703-0741

CVE

CVE-2017-5671

TITLE

plural Honeywell Intermec In industrial printers BusyBox Vulnerability to be jailbreaked

Trust: 0.8

sources: JVNDB: JVNDB-2017-002905

DESCRIPTION

Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file. Honeywell IntermecPM23 and others are printers of Honeywell International. A security vulnerability exists in versions prior to the Honeywell Intermec printer 10.11.013310 and 10.12.x prior to 10.12.013309. A local attacker can exploit this vulnerability to implement a BusyBoxjailbreak attack and gain root privileges. Honeywell Intermec Industrial Printers are prone to a local privilege-escalation vulnerability. Honeywell Intermec PM23, etc. The following products are affected: Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, PC42

Trust: 2.52

sources: NVD: CVE-2017-5671 // JVNDB: JVNDB-2017-002905 // CNVD: CNVD-2017-05405 // BID: 97236 // VULHUB: VHN-113874

IOT TAXONOMY

category:

['ICS', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-05405

AFFECTED PRODUCTS

vendor:	honeywell	model:	intermec pm23	scope:	lte	version:	10.10.011406	Trust: 1.0
vendor:	honeywell	model:	intermec pc43	scope:	lte	version:	10.10.011406	Trust: 1.0
vendor:	honeywell	model:	intermec pd43	scope:	lte	version:	10.10.011406	Trust: 1.0
vendor:	honeywell	model:	intermec pm43	scope:	lte	version:	10.10.011406	Trust: 1.0
vendor:	honeywell	model:	intermec pm42	scope:	lte	version:	10.10.011406	Trust: 1.0
vendor:	honeywell	model:	intermec pc42	scope:	lte	version:	10.10.011406	Trust: 1.0
vendor:	honeywell	model:	intermec pc23	scope:	lte	version:	10.10.011406	Trust: 1.0
vendor:	honeywell	model:	intermec pd43	scope:	eq	version:	10.12.013309	Trust: 0.8
vendor:	honeywell	model:	intermec pm43	scope:	eq	version:	10.12.013309	Trust: 0.8
vendor:	honeywell	model:	intermec pc23	scope:	eq	version:	10.12.013309	Trust: 0.8
vendor:	honeywell	model:	intermec pc23	scope:	lt	version:	10.12.x	Trust: 0.8
vendor:	honeywell	model:	intermec pm42	scope:	lt	version:	10.12.x	Trust: 0.8
vendor:	honeywell	model:	intermec pm23	scope:	eq	version:	10.12.013309	Trust: 0.8
vendor:	honeywell	model:	intermec pm23	scope:	lt	version:	10.12.x	Trust: 0.8
vendor:	honeywell	model:	intermec pc43	scope:	eq	version:	10.12.013309	Trust: 0.8
vendor:	honeywell	model:	intermec pd43	scope:	lt	version:	10.12.x	Trust: 0.8
vendor:	honeywell	model:	intermec pm42	scope:	eq	version:	10.12.013309	Trust: 0.8
vendor:	honeywell	model:	intermec pc42	scope:	lt	version:	10.12.x	Trust: 0.8
vendor:	honeywell	model:	intermec pc42	scope:	eq	version:	10.12.013309	Trust: 0.8
vendor:	honeywell	model:	intermec pm43	scope:	lt	version:	10.12.x	Trust: 0.8
vendor:	honeywell	model:	intermec pc43	scope:	lt	version:	10.12.x	Trust: 0.8
vendor:	honeywell	model:	intermec pm23	scope:	-	version:	-	Trust: 0.6
vendor:	honeywell	model:	intermec pc23	scope:	lt	version:	10.11.013310	Trust: 0.6
vendor:	honeywell	model:	intermec pc23	scope:	eq	version:	10.12.*,<10.12.013309	Trust: 0.6
vendor:	honeywell	model:	intermec pc42	scope:	lt	version:	10.11.013310	Trust: 0.6
vendor:	honeywell	model:	intermec pc42	scope:	eq	version:	10.12.*<10.12.013309	Trust: 0.6
vendor:	honeywell	model:	intermec pc43	scope:	lt	version:	10.11.013310	Trust: 0.6
vendor:	honeywell	model:	intermec pc43	scope:	eq	version:	10.12.*,<10.12.013309	Trust: 0.6
vendor:	honeywell	model:	intermec pd43	scope:	lt	version:	10.11.013310	Trust: 0.6
vendor:	honeywell	model:	intermec pd43	scope:	eq	version:	10.12.*,<10.12.013309	Trust: 0.6
vendor:	honeywell	model:	intermec pm23	scope:	lt	version:	10.11.013310	Trust: 0.6
vendor:	honeywell	model:	intermec pm23	scope:	eq	version:	10.12.*,<10.12.013309	Trust: 0.6
vendor:	honeywell	model:	intermec pm42	scope:	lt	version:	10.11.013310	Trust: 0.6
vendor:	honeywell	model:	intermec pm42	scope:	eq	version:	10.12.*<10.12.013309	Trust: 0.6
vendor:	honeywell	model:	intermec pm43	scope:	lt	version:	10.11.013310	Trust: 0.6
vendor:	honeywell	model:	intermec pm43	scope:	eq	version:	10.12.*,<10.12.013309	Trust: 0.6
vendor:	honeywell	model:	intermec pc43	scope:	eq	version:	10.10.011406	Trust: 0.6
vendor:	honeywell	model:	intermec pc23	scope:	eq	version:	10.10.011406	Trust: 0.6
vendor:	honeywell	model:	intermec pd43	scope:	eq	version:	10.10.011406	Trust: 0.6
vendor:	honeywell	model:	intermec pm43	scope:	eq	version:	10.10.011406	Trust: 0.6
vendor:	honeywell	model:	intermec pm42	scope:	eq	version:	10.10.011406	Trust: 0.6
vendor:	honeywell	model:	intermec pm23	scope:	eq	version:	10.10.011406	Trust: 0.6
vendor:	honeywell	model:	intermec pc42	scope:	eq	version:	10.10.011406	Trust: 0.6
vendor:	honeywell	model:	intermec pm43	scope:	eq	version:	10.11.13310	Trust: 0.3
vendor:	honeywell	model:	intermec pm43	scope:	eq	version:	0	Trust: 0.3
vendor:	honeywell	model:	intermec pm42	scope:	eq	version:	10.11.13310	Trust: 0.3
vendor:	honeywell	model:	intermec pm42	scope:	eq	version:	0	Trust: 0.3
vendor:	honeywell	model:	intermec pm23	scope:	eq	version:	10.11.13310	Trust: 0.3
vendor:	honeywell	model:	intermec pm23	scope:	eq	version:	0	Trust: 0.3
vendor:	honeywell	model:	intermec pd43	scope:	eq	version:	10.11.13310	Trust: 0.3
vendor:	honeywell	model:	intermec pd43	scope:	eq	version:	0	Trust: 0.3
vendor:	honeywell	model:	intermec pc43	scope:	eq	version:	10.11.13310	Trust: 0.3
vendor:	honeywell	model:	intermec pc43	scope:	eq	version:	0	Trust: 0.3
vendor:	honeywell	model:	intermec pc42	scope:	eq	version:	10.11.13310	Trust: 0.3
vendor:	honeywell	model:	intermec pc42	scope:	eq	version:	0	Trust: 0.3
vendor:	honeywell	model:	intermec pc23	scope:	eq	version:	10.11.13310	Trust: 0.3
vendor:	honeywell	model:	intermec pc23	scope:	eq	version:	0	Trust: 0.3
vendor:	honeywell	model:	intermec pm43	scope:	ne	version:	10.12.13309	Trust: 0.3
vendor:	honeywell	model:	intermec pm42	scope:	ne	version:	10.12.13309	Trust: 0.3
vendor:	honeywell	model:	intermec pm23	scope:	ne	version:	10.12.13309	Trust: 0.3
vendor:	honeywell	model:	intermec pd43	scope:	ne	version:	10.12.13309	Trust: 0.3
vendor:	honeywell	model:	intermec pc43	scope:	ne	version:	10.12.13309	Trust: 0.3
vendor:	honeywell	model:	intermec pc42	scope:	ne	version:	10.12.13309	Trust: 0.3
vendor:	honeywell	model:	intermec pc23	scope:	ne	version:	10.12.13309	Trust: 0.3

sources: CNVD: CNVD-2017-05405 // BID: 97236 // JVNDB: JVNDB-2017-002905 // CNNVD: CNNVD-201703-1328 // NVD: CVE-2017-5671

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-5671
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-5671
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-05405
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201703-1328
value:	HIGH
Trust: 0.6
VULHUB:	VHN-113874
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-5671
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-05405
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-113874
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-5671
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.0
impactScore:	6.0
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-05405 // VULHUB: VHN-113874 // JVNDB: JVNDB-2017-002905 // CNNVD: CNNVD-201703-1328 // NVD: CVE-2017-5671

PROBLEMTYPE DATA

problemtype:	CWE-269	Trust: 1.1
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-113874 // JVNDB: JVNDB-2017-002905 // NVD: CVE-2017-5671

THREAT TYPE

local

Trust: 0.9

sources: BID: 97236 // CNNVD: CNNVD-201703-1328

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201703-1328

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002905

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-113874

PATCH

title:	Security Notification SN 2017-03-14 01	url:	https://github.com/kmkz/exploit/blob/master/CVE-2017-5671-Credits.pdf	Trust: 0.8
title:	Release Notes Printer Firmware Version 11.1	url:	http://apps.intermec.com/downloads/eps_download/Firmware%20Release%20Notes%20x10_11_013310.pdf	Trust: 0.8
title:	HoneywellIntermecIndustrial Printer Local Privilege Escalation Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/91935	Trust: 0.6
title:	Multiple Honeywell Intermec Fixes for printer security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68857	Trust: 0.6

sources: CNVD: CNVD-2017-05405 // JVNDB: JVNDB-2017-002905 // CNNVD: CNNVD-201703-1328

EXTERNAL IDS

db:	NVD	id:	CVE-2017-5671	Trust: 3.4
db:	BID	id:	97236	Trust: 2.6
db:	EXPLOIT-DB	id:	41754	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-002905	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-1328	Trust: 0.7
db:	CNVD	id:	CNVD-2017-05405	Trust: 0.6
db:	PACKETSTORM	id:	141915	Trust: 0.1
db:	VULHUB	id:	VHN-113874	Trust: 0.1

sources: CNVD: CNVD-2017-05405 // VULHUB: VHN-113874 // BID: 97236 // JVNDB: JVNDB-2017-002905 // CNNVD: CNNVD-201703-1328 // NVD: CVE-2017-5671

REFERENCES

url:	http://apps.intermec.com/downloads/eps_download/firmware%20release%20notes%20x10_11_013310.pdf	Trust: 2.6
url:	https://github.com/kmkz/exploit/blob/master/cve-2017-5671-credits.pdf	Trust: 2.0
url:	https://akerva.com/blog/intermec-industrial-printers-local-root-with-busybox-jailbreak/	Trust: 2.0
url:	http://www.securityfocus.com/bid/97236	Trust: 1.7
url:	https://www.exploit-db.com/exploits/41754/	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5671	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-5671	Trust: 0.8
url:	http://www.security.honeywell.com/	Trust: 0.3

sources: CNVD: CNVD-2017-05405 // VULHUB: VHN-113874 // BID: 97236 // JVNDB: JVNDB-2017-002905 // CNNVD: CNNVD-201703-1328 // NVD: CVE-2017-5671

CREDITS

Jean-Marie Bourbon.

Trust: 0.3

sources: BID: 97236

SOURCES

db:	CNVD	id:	CNVD-2017-05405
db:	VULHUB	id:	VHN-113874
db:	BID	id:	97236
db:	JVNDB	id:	JVNDB-2017-002905
db:	CNNVD	id:	CNNVD-201703-1328
db:	NVD	id:	CVE-2017-5671

LAST UPDATE DATE

2025-04-20T23:31:02.996000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-05405	date:	2017-04-26T00:00:00
db:	VULHUB	id:	VHN-113874	date:	2019-10-03T00:00:00
db:	BID	id:	97236	date:	2017-04-04T01:02:00
db:	JVNDB	id:	JVNDB-2017-002905	date:	2017-05-08T00:00:00
db:	CNNVD	id:	CNNVD-201703-1328	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-5671	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-05405	date:	2017-04-18T00:00:00
db:	VULHUB	id:	VHN-113874	date:	2017-03-29T00:00:00
db:	BID	id:	97236	date:	2017-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2017-002905	date:	2017-05-08T00:00:00
db:	CNNVD	id:	CNNVD-201703-1328	date:	2017-03-30T00:00:00
db:	NVD	id:	CVE-2017-5671	date:	2017-03-29T14:59:00.377