What is CVE-2022-43555 in Ivanti Avalanche?

It's a missing authentication bug in the Printer Device Service, allowing local privilege escalation to SYSTEM level.

Is CVE-2022-43555 remotely exploitable?

No — requires local access, but that's often trivial in breached environments.

Grab Ivanti's update from their portal (post-2022 builds); scan fleets with NVD tools first.

Ever wonder if that humming office printer is quietly handing over your network keys? CVE-2022-43555 in Ivanti Avalanche proves it might be.

theAIcatchup Apr 08, 2026 3 min read

CVE-2022-43555 enables unauthenticated local privilege escalation in Ivanti Avalanche's Printer Device Service. 𝕏
Patch immediately — legacy deployments remain a top risk despite 2022 fix. 𝕏
Overlooked printer endpoints mirror past flaws like PrintNightmare; segment now. 𝕏

Published by

Threat intelligence. Zero noise.

#CVE-2022-43555 #Ivanti Avalanche #Printer Vulnerability #privilege escalation

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by NVD Vulnerabilities