CVE-2025-1984

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-1984
Xerox Desktop Print Experience application contains a Local Privilege Escalation (LPE) vulnerability, which allows a low-privileged user to gain SYSTEM-level access.

5.2 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 2.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://securitydocs.business.xerox.com/wp-content/uploads/2025/03/Xerox-Security-Bulletin-XRX25-006-for-Xerox-Desktop-Print-Experience.pdf
Configurations

No configuration.

History

14 Mar 2025, 18:15

Type Values Removed Values Added
CWE CWE-269 CWE-428
Summary
  • (es) La aplicación Xerox Desktop Print Experience contiene una vulnerabilidad de escalada de privilegios locales (LPE), que permite que un usuario con pocos privilegios obtenga acceso a nivel de SYSTEM.
References
  • {'url': 'https://securitydocs.business.xerox.com/wp-content/uploads/2025/03/Xerox-Security-Bulletin-XRX25-004-for-Xerox-FreeFlow-Print-Server-v7.pdf', 'source': '10b61619-3869-496c-8a1e-f291b0e71e3f'}
  • () https://securitydocs.business.xerox.com/wp-content/uploads/2025/03/Xerox-Security-Bulletin-XRX25-006-for-Xerox-Desktop-Print-Experience.pdf -

12 Mar 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-12 16:15

Updated : 2025-03-14 18:15

NVD link : CVE-2025-1984

Mitre link : CVE-2025-1984

CVE.ORG link : CVE-2025-1984

JSON object : View

Products Affected

No product.

CWE
CWE-428

Unquoted Search Path or Element