CVE-2017-5671: Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x befo
Summary
Honeywell Intermec industrial printers (models PM23, PM42, PM43, PC23, PC43, PD43, PC42) before firmware version 10.11.013310 and 10.12.x before 10.12.013309 have a vulnerability where the Lua interpreter is installed with setuid permissions (allowing it to run with elevated privileges of the itadmin account). This allows local users to conduct a BusyBox jailbreak attack (exploiting a container escape technique) and gain root privileges by modifying the /etc/shadow file (which controls user passwords and permissions).
Solution / Mitigation
Update firmware to version 10.11.013310 or 10.12.013309 or later.
Vulnerability Details
7.2
EPSS: 0.5%
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2017-5671
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 95%