Using an exploit to forcibly update configuration data, the Printer Installer Client can be directed to bypass HTTPS hardening or directed to another Printer Installer Server. The Printer Installer Client does not correctly verify the origin and integrity of updates. An attacker who successfully exploits these vulnerabilities could run arbitrary code in the context of the Local System Account.
This solution prevents Man-in-the-Middle (MITM) attacks where bad actors may attempt to spoof a trusted entity by tricking the Printer Installer Server into connecting to a malicious host. To reduce any attempt at MITM attacks, you must configure your Printer Installer Server to use the HTTPS protocol as described below:
This solution addresses vulnerabilities related to properly verifying the origin and integrity of the Printer Installer Client code, as well as sanitizing special characters that could lead to unauthorized changes to configuration files. To address these issues, apply the latest Printer Installer software update as described below:
If you have questions about these solutions, contact PrinterLogic Product Support for assistance.
Your browser is not supported.
This website will not run properly on this browser. To use the site, update to one of these modern browsers: