Improper Link Resolution in iPrint&Scan Desktop for Windows
CVE-2023-51654

5.5MEDIUM

Key Information:

Vendor: Brother Industries, Ltd.
Status: iPrint&Scan Desktop for Windows
Vendor: CVE Published:; 26 December 2023

🔔 Create Brother Industries, Ltd. Vulnerability Alert

What is CVE-2023-51654?

An issue in iPrint&Scan Desktop for Windows versions 11.0.0 and prior allows for improper link resolution before file access, known as a link following issue. This vulnerability can be exploited by a malicious user through a symlink attack, potentially leading to a Denial-of-Service (DoS) condition on the affected PC, disrupting normal operation and accessibility.

Affected Version(s)

iPrint&Scan Desktop for Windows 11.0.0 and earlier

References

https://jvn.jp/en/vu/JVNVU97943829/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 26, 2023
Vulnerability Reserved
Dec 20, 2023

JSON