CVE-2025-47986 · Universal Print Management Service Elevation of Privilege Vulnerability

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.

How could an attacker exploit this vulnerability? An authenticated attacker could send a specially crafted file to a shared printer. This could result in arbitrary code execution on the system that is sharing the printer.