CRITICAL🇵🇱 Wersja polska

CVE-2025-5099

CVSS 9.8v3.1pub. 2025-05-23upd. 2025-10-08

An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution.

🤖 AI Analysis
How it works

During PDF document processing, the application's native library performs a write outside the boundaries of the allocated memory buffer (Out-of-Bounds Write, CWE-787/CWE-119). A malformed PDF file can trigger this flaw, leading to process memory corruption. The result of corruption may be a takeover of control over the program's execution flow and execution of arbitrary code.

Impact

An attacker can gain full control over the victim's device by executing arbitrary code (RCE), and can also compromise the confidentiality, integrity, and availability of data — which corresponds to the highest ratings in all three CVSS categories.

Mitigation & patch

Apply patches available from the vendor according to the references. It is also recommended to avoid opening untrusted PDF files in the application until the update is deployed.

Who is affected

Dynamix Software PrinterShare — versions indicated in the vendor's references (advisory KL-001-2025-004 by KoreLogic)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dynamixsoftware Printershare

    APP
    Dynamixsoftware
    ≤ 12.15.01
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-5098CRITICAL9.1PL ✓ten sam produkt

Przechwytywanie tokenów Gmail w aplikacji PrinterShare na Android

CVE-2025-5100HIGH8.0ten sam produkt

A double-free condition occurs during the cleanup of temporary image files, which can be exploited to achieve ...