Heap Corruption Vulnerability in Advantech TP-3250 Printer Driver
CVE-2025-63701
Currently unrated
What is CVE-2025-63701?
A heap corruption vulnerability has been identified in the Advantech TP-3250 printer driver, specifically within the DrvUI_x64_ADVANTECH.dll component. This issue arises when the DocumentPropertiesW() function is invoked with a valid dmDriverExtra parameter while the output buffer is undersized compared to the input buffer. As a result, the driver incorrectly assumes the sizes are the same, which leads to invalid memory operations and can cause heap corruption. Exploitation of this vulnerability requires local access and can result in application crashes as well as potential code execution in user space.