CVE-2024-45062
CVE-2024-45062
In short
OpenPrinting ippusbxd 1.34 has a stack buffer overflow vulnerability that occurs when a specially configured malicious printer is connected via USB. This can allow an attacker to execute arbitrary code with elevated privileges on the affected system.
Technical detail
A stack-based buffer overflow exists in OpenPrinting ippusbxd 1.34 when processing IPP-over-USB protocol data from a specially crafted device. The vulnerability requires physical USB connection and can result in arbitrary code execution within the privileged ippusbxd service. Attack vector involves sending malformed IPP protocol packets that exceed stack buffer boundaries.
Summary generated and translated by AI from the official description.
A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to a arbitrary code execution in a privileged service. To trigger the vulnerability, a malicious device would need to be connected to the vulnerable system over USB.
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
OpenPrinting · ippusbxdWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →