Multiple buffer overflows in Lexmark MarkVision printer driver programs allows local users to gain privileges via long arguments to the cat_network, cat_paraller, and cat_serial commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | markvision | 4.3 |
The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly triggering a buffer overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | t522_network_printer | * |
Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the "Appearance" dialog and selecting the "Additional styles (skins) are available on the Lexmark web site" option, which launches a web browser that is running with SYSTEM privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | x1185 | * |
Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service (LexPPS), possibly 8.29 and 9.41, allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based on a vague initial disclosure; details will be updated after the grace period has ended.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | printer_sharing | 9.41 |
| lexmark | printer_sharing | 8.29 |
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service (operating system halt) via a malformed HTTP Authorization header.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | x73x | * |
| lexmark | n70xxe | * |
| lexmark | x644 | * |
| lexmark | c510 | * |
| lexmark | n4050e | * |
| lexmark | c73x | * |
| lexmark | x34x | * |
| lexmark | t650 | * |
| lexmark | x772e | * |
| lexmark | c546 | * |
| lexmark | x546 | * |
| lexmark | x422 | * |
| lexmark | t64x | * |
| lexmark | e360dn | * |
| lexmark | x86x | * |
| lexmark | w850 | * |
| lexmark | c52x | * |
| lexmark | e450 | * |
| lexmark | x85x | * |
| lexmark | c544 | * |
| lexmark | x46x | * |
| lexmark | e460 | * |
| lexmark | t652 | * |
| lexmark | x65x | * |
| lexmark | x543 | * |
| lexmark | e260 | * |
| lexmark | n4000 | * |
| lexmark | e120 | * |
| lexmark | e23x | * |
| lexmark | x782e | * |
| lexmark | x646 | * |
| lexmark | x26x | * |
| lexmark | t654 | * |
| lexmark | x544 | * |
| lexmark | e238 | * |
| lexmark | n8120 | * |
| lexmark | x64xef | * |
| lexmark | x36x | * |
| lexmark | c540 | * |
| lexmark | x642 | * |
| lexmark | c920 | * |
| lexmark | c935dn | * |
| lexmark | c543 | * |
| lexmark | e350 | * |
| lexmark | e462 | * |
| lexmark | c77x | * |
| lexmark | t656 | * |
| lexmark | c53x | * |
| lexmark | w840 | * |
| lexmark | t430 | * |
| lexmark | e34x | * |
| lexmark | n8130 | * |
| lexmark | e240 | * |
| lexmark | 25xxn | * |
| lexmark | e250 | * |
| lexmark | c78x | * |
| lexmark | x20x | * |
| lexmark | e33x | * |
| lexmark | e240n | * |
| lexmark | e360d | * |
| lexmark | x94x | * |
The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | z2420 | * |
Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service (device hang) via a long argument to a PJL INQUIRE command.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | x94x | * |
Lexmark Markvision Enterprise before 1.8 provides a diagnostic interface on TCP port 9789, which allows remote attackers to execute arbitrary code, change the configuration, or obtain sensitive fleet-management information via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | markvision | * |
cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | n70xxe | * |
| lexmark | x644 | * |
| lexmark | e350 | * |
| lexmark | n4050e | * |
| lexmark | x772 | * |
| lexmark | x78x | * |
| lexmark | c52x | * |
| lexmark | e450 | * |
| lexmark | x85x | * |
| lexmark | c77x | * |
| lexmark | c53x | * |
| lexmark | w840 | * |
| lexmark | 25xxn | * |
| lexmark | e250 | * |
| lexmark | x64xef | * |
| lexmark | c78x | * |
| lexmark | n4000 | * |
| lexmark | t64x | * |
| lexmark | x642 | * |
| lexmark | c920 | * |
| lexmark | c935dn | * |
| lexmark | x646 | * |
| lexmark | x94x | * |
Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through LS.SW.P069, C52x through LS.FA.P150, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allow remote authenticated users to inject arbitrary web script or HTML by using (1) SNMP or (2) the Embedded Web Server (EWS) to set the (a) Contact or (b) Location field.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | e350 | * |
| lexmark | c52x | * |
| lexmark | e250 | * |
| lexmark | e450 | * |
| lexmark | t64x | * |
| lexmark | c53x | * |
| lexmark | w840 | * |
| lexmark | c920 | * |
| lexmark | c935dn | * |
Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | markvision_enterprise | * |
Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | markvision_enterprise | * |
Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | markvision_enterprise | - |
Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | markvision_enterprise | * |
Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-254,CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | printer_firmware | * |
Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | printer_firmware | * |
An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a stack based buffer overflow resulting in remote code execution.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | perceptive_document_filters | - |
An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | perceptive_document_filters | - |
An exploitable heap overflow vulnerability exists in the Compound Binary File Format (CBFF) parser functionality of Lexmark Perceptive Document Filters library. A specially crafted CBFF file can cause a code execution. An attacker can send a malformed file to trigger this vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | perceptive_document_filters | 11.2.0.1732 |
Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. (
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | markvision_enterprise | * |
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | scan_to_network | * |
An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | perceptive_document_filters | 11.3.0.2400 |
| lexmark | perceptive_document_filters | 11.3.0.2228 |
An exploitable use-after-free exists in the PDF parsing functionality of Lexmark Perspective Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in direct code execution.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | perceptive_document_filters | 11.3.0.2400 |
| lexmark | perceptive_document_filters | 11.4.0.2452 |
An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A maliciously crafted PDF file can be used to trigger this vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | perceptive_document_filters | 11.3.0.2400 |
Various Lexmark devices have a Buffer Overflow (issue 1 of 2).
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | xm71xx_firmware | * |
| lexmark | xs74x_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | mx61x_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | x92x_firmware | * |
| lexmark | mx51x_firmware | * |
| lexmark | mx6500_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | mx41x_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | x79x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | xs92x_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | 6500_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | x54x_firmware | * |
| lexmark | xs54x_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark devices have a Buffer Overflow (issue 2 of 2).
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | cx860_firmware | * |
| lexmark | cx72x_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | xc41x0_firmware | * |
| lexmark | xc92x5_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | cx82x_firmware | * |
| lexmark | xm5370_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | mx52x_firmware | * |
| lexmark | xm124x_firmware | * |
| lexmark | mx82x_firmware | * |
| lexmark | cx92x_firmware | * |
| lexmark | mb2338_firmware | * |
| lexmark | mx72x_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | cx62x_firmware | * |
| lexmark | mx42x_firmware | * |
| lexmark | xc8155_firmware | * |
| lexmark | xm3250_firmware | * |
On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are not automatically deleted upon that type of hostname change.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | cx860_firmware | - |
| lexmark | xc8155_firmware | - |
| lexmark | xc4150_firmware | - |
| lexmark | xc8160_firmware | - |
| lexmark | cx820_firmware | - |
| lexmark | cx725h_firmware | - |
| lexmark | cx825_firmware | - |
| lexmark | xc6152_firmware | - |
Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the embedded web server.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | xm1145_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | c79x_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | xs478_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | sm91x_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | cs51x_firmware | * |
| lexmark | m3150_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c95x_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms610dte_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark products have CSRF.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | ms610dn_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
Various Lexmark products have Incorrect Access Control.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | cs51x_firmware | * |
| lexmark | m3150_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | services_monitor_firmware | 2.27.4.0.39 |
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx31x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | m3150_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | cx51x_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | cx41x_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | cs51x_firmware | * |
| lexmark | m3150_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | cs51x_firmware | * |
| lexmark | m3150_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | xm7170_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | xm7170x_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | xm7163_firmware | * |
| lexmark | xm7155x_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | xm7163x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | xm5163_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | xm3150_firmware | * |
| lexmark | xm7155_firmware | * |
| lexmark | xm5170_firmware | * |
Various Lexmark products have an Integer Overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark products have a Buffer Overflow (issue 2 of 3).
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark products have a Buffer Overflow (issue 3 of 3).
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
Various Lexmark products have Incorrect Access Control (issue 1 of 2).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | ms610dn_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
Various Lexmark products have Incorrect Access Control (issue 2 of 2).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | ms610dn_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series inkjet and other discontinued products.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | cs51x_firmware | * |
| lexmark | m3150_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
A cross-site scripting (XSS) vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before LW74.VY2.P273; CS51x before LW74.VY4.P273; CX310 before LW74.GM2.P273; CX410 & XC2130 before LW74.GM4.P273; CX510 & XC2132 before LW74.GM7.P273; MS310, MS312, MS317 before LW74.PRL.P273; MS410, M1140 before LW74.PRL.P273; MS315, MS415, MS417 before LW74.TL2.P273; MS51x, MS610dn, MS617 before LW74.PR2.P273; M1145, M3150dn before LW74.PR2.P273; MS610de, M3150 before LW74.PR4.P273; MS71x,M5163dn before LW74.DN2.P273; MS810, MS811, MS812, MS817, MS818 before LW74.DN2.P273; MS810de, M5155, M5163 before LW74.DN4.P273; MS812de, M5170 before LW74.DN7.P273; MS91x before LW74.SA.P273; MX31x, XM1135 before LW74.SB2.P273; MX410, MX510 & MX511 before LW74.SB4.P273; XM1140, XM1145 before LW74.SB4.P273; MX610 & MX611 before LW74.SB7.P273; XM3150 before LW74.SB7.P273; MX71x, MX81x before LW74.TU.P273; XM51xx & XM71xx before LW74.TU.P273; MX91x & XM91x before LW74.MG.P273; MX6500e before LW74.JD.P273; C746 before LHS60.CM2.P738; C748, CS748 before LHS60.CM4.P738; C792, CS796 before LHS60.HC.P738; C925 before LHS60.HV.P738; C950 before LHS60.TP.P738; X548 & XS548 before LHS60.VK.P738; X74x & XS748 before LHS60.NY.P738; X792 & XS79x before LHS60.MR.P738; X925 & XS925 before LHS60.HK.P738; X95x & XS95x before LHS60.TQ.P738; 6500e before LHS60.JR.P738;C734 LR.SK.P824 and earlier; C736 LR.SKE.P824 and earlier; E46x LR.LBH.P824 and earlier; T65x LR.JP.P824 and earlier; X46x LR.BS.P824 and earlier; X65x LR.MN.P824 and earlier; X73x LR.FL.P824 and earlier; W850 LP.JB.P823 and earlier; and X86x LP.SP.P823 and earlier.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | mx31x_firmware | * |
| lexmark | ms91x_firmware | * |
| lexmark | ms51x_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | ms812_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | xm51xx_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | x95x_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | mx91x_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm91x_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | cs41x_firmware | * |
| lexmark | cs51x_firmware | * |
| lexmark | m3150_firmware | * |
| lexmark | xm71xx_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | xs95x_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | x74x_firmware | * |
| lexmark | mx81x_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | ms810_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs31x_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xs79x_firmware | * |
| lexmark | ms71x_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | mx71x_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing during the add printer process, resulting in escalation of privileges to SYSTEM.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | g4_driver | * |
| lexmark | g3_driver | * |
| lexmark | universal_print_driver | * |
| lexmark | g2_driver | * |
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-428,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | printer_software_g4 | * |
| lexmark | printer_software_g3 | * |
| lexmark | printer_software_g2 | * |
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | cs923_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | cx431_firmware | * |
| lexmark | xc9225_firmware | * |
| lexmark | mx910_firmware | * |
| lexmark | m3150de_firmware | * |
| lexmark | c2535_firmware | * |
| lexmark | ms826_firmware | * |
| lexmark | xc9245_firmware | * |
| lexmark | mx822_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | ms517_firmware | * |
| lexmark | xm9145_firmware | * |
| lexmark | mx718_firmware | * |
| lexmark | c4150_firmware | * |
| lexmark | mb2338_firmware | * |
| lexmark | m5163de_firmware | * |
| lexmark | mb3442_firmware | * |
| lexmark | xm5163_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | cx625_firmware | * |
| lexmark | x746_firmware | * |
| lexmark | xm3250_firmware | * |
| lexmark | b2650_firmware | * |
| lexmark | xm5270_firmware | * |
| lexmark | c3426_firmware | * |
| lexmark | cx860_firmware | * |
| lexmark | xc9255_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | mx417_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xm7263_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | xs798_firmware | * |
| lexmark | cx317_firmware | * |
| lexmark | mx717_firmware | * |
| lexmark | cx331_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | ms331_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | xm7163_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c3224_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | cx725_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | ms621_firmware | * |
| lexmark | xm9155_firmware | * |
| lexmark | mx911_firmware | * |
| lexmark | cs431_firmware | * |
| lexmark | b2338_firmware | * |
| lexmark | b2442_firmware | * |
| lexmark | cs720_firmware | * |
| lexmark | ms810dn_firmware | * |
| lexmark | c9235_firmware | * |
| lexmark | cs727_firmware | * |
| lexmark | cs725_firmware | * |
| lexmark | cs310_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | mx331_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms710_firmware | * |
| lexmark | cs622_firmware | * |
| lexmark | x950_firmware | * |
| lexmark | cx923_firmware | * |
| lexmark | ms825_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | xm5365_firmware | * |
| lexmark | mx811_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m1242_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm1246_firmware | * |
| lexmark | mx710_firmware | * |
| lexmark | mx421_firmware | * |
| lexmark | xc9265_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | xc4143_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | cx622_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x748_firmware | * |
| lexmark | cx920_firmware | * |
| lexmark | x952_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | mx721_firmware | * |
| lexmark | xs950_firmware | * |
| lexmark | ms711_firmware | * |
| lexmark | xs796_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | cs439_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | xc2326_firmware | * |
| lexmark | mx617_firmware | * |
| lexmark | b2865_firmware | * |
| lexmark | cs921_firmware | * |
| lexmark | mc3326_firmware | * |
| lexmark | mx521_firmware | * |
| lexmark | cx825_firmware | * |
| lexmark | cx820_firmware | * |
| lexmark | c2425_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | ms510_firmware | * |
| lexmark | c2240_firmware | * |
| lexmark | c2326_firmware | * |
| lexmark | xc8155_firmware | * |
| lexmark | xm7155_firmware | * |
| lexmark | xm9165_firmware | * |
| lexmark | m5270_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | mx812_firmware | * |
| lexmark | cx924_firmware | * |
| lexmark | mx912_firmware | * |
| lexmark | m1246_firmware | * |
| lexmark | cs410_firmware | * |
| lexmark | cx727_firmware | * |
| lexmark | cs517_firmware | * |
| lexmark | xc4153_firmware | * |
| lexmark | b2546_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | xs955_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | cs417_firmware | * |
| lexmark | mc3224_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | cs521_firmware | * |
| lexmark | ms431_firmware | * |
| lexmark | xc9235_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | mx722_firmware | * |
| lexmark | ms725_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | m5255_firmware | * |
| lexmark | c6160_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | b3340_firmware | * |
| lexmark | ms812dn_firmware | * |
| lexmark | mb2236_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | xs795_firmware | * |
| lexmark | cs927_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | xm1242_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | cs827_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | mc3426_firmware | * |
| lexmark | mx317_firmware | * |
| lexmark | m1342_firmware | * |
| lexmark | c3326_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | xc4140_firmware | * |
| lexmark | cs421_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | mx517_firmware | * |
| lexmark | xm5170_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | ms321_firmware | * |
| lexmark | ms622_firmware | * |
| lexmark | mx826_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | ms521_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | cs510_firmware | * |
| lexmark | xc4150_firmware | * |
| lexmark | ms911_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | m3250_firmware | * |
| lexmark | cx417_firmware | * |
| lexmark | cx922_firmware | * |
| lexmark | cx921_firmware | * |
| lexmark | b3442_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | xm5263_firmware | * |
| lexmark | xc8163_firmware | * |
| lexmark | mx310_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx711_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | cs728_firmware | * |
| lexmark | ms821_firmware | * |
| lexmark | xc6153_firmware | * |
| lexmark | xm7170_firmware | * |
| lexmark | b2236_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | ms421_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms823_firmware | * |
| lexmark | xm7270_firmware | * |
| lexmark | cx517_firmware | * |
| lexmark | x954_firmware | * |
| lexmark | mx810_firmware | * |
| lexmark | ms822_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs820_firmware | * |
| lexmark | cs331_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | c2132_firmware | * |
| lexmark | mx522_firmware | * |
| lexmark | m1140+_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | xm1342_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | c2325_firmware | * |
| lexmark | mx431_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
| lexmark | cs317_firmware | * |
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | m5270_firmware | * |
| lexmark | cs923_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | cx431_firmware | * |
| lexmark | cx924_firmware | * |
| lexmark | xc9225_firmware | * |
| lexmark | m1246_firmware | * |
| lexmark | cx727_firmware | * |
| lexmark | c2535_firmware | * |
| lexmark | xc4153_firmware | * |
| lexmark | b2546_firmware | * |
| lexmark | ms826_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | xc9245_firmware | * |
| lexmark | mx822_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | mc3224_firmware | * |
| lexmark | cs521_firmware | * |
| lexmark | ms431_firmware | * |
| lexmark | c4150_firmware | * |
| lexmark | mb2338_firmware | * |
| lexmark | xc9235_firmware | * |
| lexmark | mb3442_firmware | * |
| lexmark | mx722_firmware | * |
| lexmark | cx625_firmware | * |
| lexmark | ms725_firmware | * |
| lexmark | xm3250_firmware | * |
| lexmark | m5255_firmware | * |
| lexmark | b2650_firmware | * |
| lexmark | c6160_firmware | * |
| lexmark | c3426_firmware | * |
| lexmark | cx860_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | b3340_firmware | * |
| lexmark | xc9255_firmware | * |
| lexmark | mb2236_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | cx331_firmware | * |
| lexmark | ms331_firmware | * |
| lexmark | cs927_firmware | * |
| lexmark | xm1242_firmware | * |
| lexmark | c3224_firmware | * |
| lexmark | cx725_firmware | * |
| lexmark | ms621_firmware | * |
| lexmark | cs827_firmware | * |
| lexmark | mc3426_firmware | * |
| lexmark | m1342_firmware | * |
| lexmark | cs431_firmware | * |
| lexmark | b2338_firmware | * |
| lexmark | c3326_firmware | * |
| lexmark | b2442_firmware | * |
| lexmark | cs720_firmware | * |
| lexmark | xc4140_firmware | * |
| lexmark | cs421_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | c9235_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | ms321_firmware | * |
| lexmark | ms622_firmware | * |
| lexmark | mx826_firmware | * |
| lexmark | ms521_firmware | * |
| lexmark | cs727_firmware | * |
| lexmark | cs725_firmware | * |
| lexmark | xc4150_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | m3250_firmware | * |
| lexmark | mx331_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | cx922_firmware | * |
| lexmark | cx921_firmware | * |
| lexmark | cs622_firmware | * |
| lexmark | b3442_firmware | * |
| lexmark | cx923_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | ms825_firmware | * |
| lexmark | xc8163_firmware | * |
| lexmark | xm5365_firmware | * |
| lexmark | m1242_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | cs728_firmware | * |
| lexmark | xm1246_firmware | * |
| lexmark | ms821_firmware | * |
| lexmark | xc6153_firmware | * |
| lexmark | mx421_firmware | * |
| lexmark | xc9265_firmware | * |
| lexmark | xc4143_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | b2236_firmware | * |
| lexmark | cx622_firmware | * |
| lexmark | ms421_firmware | * |
| lexmark | cx920_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | mx721_firmware | * |
| lexmark | ms823_firmware | * |
| lexmark | ms822_firmware | * |
| lexmark | cs820_firmware | * |
| lexmark | cs331_firmware | * |
| lexmark | cs439_firmware | * |
| lexmark | xc2326_firmware | * |
| lexmark | b2865_firmware | * |
| lexmark | cs921_firmware | * |
| lexmark | mc3326_firmware | * |
| lexmark | mx521_firmware | * |
| lexmark | mx522_firmware | * |
| lexmark | cx825_firmware | * |
| lexmark | cx820_firmware | * |
| lexmark | xm1342_firmware | * |
| lexmark | c2425_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | c2325_firmware | * |
| lexmark | mx431_firmware | * |
| lexmark | c2240_firmware | * |
| lexmark | c2326_firmware | * |
| lexmark | xc8155_firmware | * |
The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | mc3224i_firmware | - |
PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | cs923_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | cx431_firmware | * |
| lexmark | xc9225_firmware | * |
| lexmark | mx910_firmware | * |
| lexmark | m3150de_firmware | * |
| lexmark | c2535_firmware | * |
| lexmark | ms826_firmware | * |
| lexmark | xc9245_firmware | * |
| lexmark | mx822_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | ms517_firmware | * |
| lexmark | xm9145_firmware | * |
| lexmark | mx718_firmware | * |
| lexmark | c4150_firmware | * |
| lexmark | mb2338_firmware | * |
| lexmark | m5163de_firmware | * |
| lexmark | mb3442_firmware | * |
| lexmark | xm5163_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | cx625_firmware | * |
| lexmark | x746_firmware | * |
| lexmark | xm3250_firmware | * |
| lexmark | b2650_firmware | * |
| lexmark | xm5270_firmware | * |
| lexmark | c3426_firmware | * |
| lexmark | cx860_firmware | * |
| lexmark | xc9255_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | mx417_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xm7263_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | xs798_firmware | * |
| lexmark | cx317_firmware | * |
| lexmark | mx717_firmware | * |
| lexmark | cx331_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | ms331_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | xm7163_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c3224_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | cx725_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | ms621_firmware | * |
| lexmark | xm9155_firmware | * |
| lexmark | mx911_firmware | * |
| lexmark | cs431_firmware | * |
| lexmark | b2338_firmware | * |
| lexmark | b2442_firmware | * |
| lexmark | cs720_firmware | * |
| lexmark | ms810dn_firmware | * |
| lexmark | c9235_firmware | * |
| lexmark | cs727_firmware | * |
| lexmark | cs725_firmware | * |
| lexmark | cs310_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | mx331_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms710_firmware | * |
| lexmark | cs622_firmware | * |
| lexmark | x950_firmware | * |
| lexmark | cx923_firmware | * |
| lexmark | ms825_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | xm5365_firmware | * |
| lexmark | mx811_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m1242_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm1246_firmware | * |
| lexmark | mx710_firmware | * |
| lexmark | mx421_firmware | * |
| lexmark | xc9265_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | xc4143_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | cx622_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x748_firmware | * |
| lexmark | cx920_firmware | * |
| lexmark | x952_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | mx721_firmware | * |
| lexmark | xs950_firmware | * |
| lexmark | ms711_firmware | * |
| lexmark | xs796_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | cs439_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | xc2326_firmware | * |
| lexmark | mx617_firmware | * |
| lexmark | b2865_firmware | * |
| lexmark | cs921_firmware | * |
| lexmark | mc3326_firmware | * |
| lexmark | mx521_firmware | * |
| lexmark | cx825_firmware | * |
| lexmark | cx820_firmware | * |
| lexmark | c2425_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | ms510_firmware | * |
| lexmark | c2240_firmware | * |
| lexmark | c2326_firmware | * |
| lexmark | xc8155_firmware | * |
| lexmark | xm7155_firmware | * |
| lexmark | xm9165_firmware | * |
| lexmark | m5270_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | mx812_firmware | * |
| lexmark | cx924_firmware | * |
| lexmark | mx912_firmware | * |
| lexmark | m1246_firmware | * |
| lexmark | cs410_firmware | * |
| lexmark | cx727_firmware | * |
| lexmark | cs517_firmware | * |
| lexmark | xc4153_firmware | * |
| lexmark | b2546_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | xs955_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | cs417_firmware | * |
| lexmark | mc3224_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | cs521_firmware | * |
| lexmark | ms431_firmware | * |
| lexmark | xc9235_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | mx722_firmware | * |
| lexmark | ms725_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | m5255_firmware | * |
| lexmark | c6160_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | b3340_firmware | * |
| lexmark | ms812dn_firmware | * |
| lexmark | mb2236_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | xs795_firmware | * |
| lexmark | cs927_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | xm1242_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | cs827_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | mc3426_firmware | * |
| lexmark | mx317_firmware | * |
| lexmark | m1342_firmware | * |
| lexmark | c3326_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | xc4140_firmware | * |
| lexmark | cs421_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | mx517_firmware | * |
| lexmark | xm5170_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | ms321_firmware | * |
| lexmark | ms622_firmware | * |
| lexmark | mx826_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | ms521_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | cs510_firmware | * |
| lexmark | xc4150_firmware | * |
| lexmark | ms911_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | m3250_firmware | * |
| lexmark | cx417_firmware | * |
| lexmark | cx922_firmware | * |
| lexmark | cx921_firmware | * |
| lexmark | b3442_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | xm5263_firmware | * |
| lexmark | xc8163_firmware | * |
| lexmark | mx310_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx711_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | cs728_firmware | * |
| lexmark | ms821_firmware | * |
| lexmark | xc6153_firmware | * |
| lexmark | xm7170_firmware | * |
| lexmark | b2236_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | ms421_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms823_firmware | * |
| lexmark | xm7270_firmware | * |
| lexmark | cx517_firmware | * |
| lexmark | x954_firmware | * |
| lexmark | mx810_firmware | * |
| lexmark | ms822_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs820_firmware | * |
| lexmark | cs331_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | c2132_firmware | * |
| lexmark | mx522_firmware | * |
| lexmark | m1140+_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | xm1342_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | c2325_firmware | * |
| lexmark | mx431_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
| lexmark | cs317_firmware | * |
Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | c792_firmware | * |
| lexmark | cs923_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | xm1145_firmware | * |
| lexmark | cx431_firmware | * |
| lexmark | xc9225_firmware | * |
| lexmark | mx910_firmware | * |
| lexmark | m3150de_firmware | * |
| lexmark | c2535_firmware | * |
| lexmark | ms826_firmware | * |
| lexmark | xc9245_firmware | * |
| lexmark | mx822_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | ms517_firmware | * |
| lexmark | xm9145_firmware | * |
| lexmark | mx718_firmware | * |
| lexmark | c4150_firmware | * |
| lexmark | mb2338_firmware | * |
| lexmark | m5163de_firmware | * |
| lexmark | mb3442_firmware | * |
| lexmark | xm5163_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | cx625_firmware | * |
| lexmark | x746_firmware | * |
| lexmark | xm3250_firmware | * |
| lexmark | b2650_firmware | * |
| lexmark | xm5270_firmware | * |
| lexmark | c3426_firmware | * |
| lexmark | cx860_firmware | * |
| lexmark | xc9255_firmware | * |
| lexmark | 6500e_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | c736_firmware | * |
| lexmark | x925_firmware | * |
| lexmark | mx417_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xm7263_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | xs798_firmware | * |
| lexmark | cx317_firmware | * |
| lexmark | mx717_firmware | * |
| lexmark | cx331_firmware | * |
| lexmark | x65x_firmware | * |
| lexmark | ms331_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | xm7163_firmware | * |
| lexmark | w850_firmware | * |
| lexmark | c3224_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | cx725_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | ms621_firmware | * |
| lexmark | xm9155_firmware | * |
| lexmark | mx911_firmware | * |
| lexmark | cs431_firmware | * |
| lexmark | b2338_firmware | * |
| lexmark | b2442_firmware | * |
| lexmark | cs720_firmware | * |
| lexmark | ms810dn_firmware | * |
| lexmark | c9235_firmware | * |
| lexmark | cs727_firmware | * |
| lexmark | cs725_firmware | * |
| lexmark | cs310_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | mx331_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | t65x_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | ms710_firmware | * |
| lexmark | cs622_firmware | * |
| lexmark | x950_firmware | * |
| lexmark | cx923_firmware | * |
| lexmark | ms825_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | xm5365_firmware | * |
| lexmark | mx811_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m1242_firmware | * |
| lexmark | c734_firmware | * |
| lexmark | c748_firmware | * |
| lexmark | x86x_firmware | * |
| lexmark | xm1246_firmware | * |
| lexmark | mx710_firmware | * |
| lexmark | mx421_firmware | * |
| lexmark | xc9265_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | xc4143_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | cx622_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | x548_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | x748_firmware | * |
| lexmark | cx920_firmware | * |
| lexmark | x952_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | mx721_firmware | * |
| lexmark | xs950_firmware | * |
| lexmark | ms711_firmware | * |
| lexmark | xs796_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | cs439_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | xc2326_firmware | * |
| lexmark | mx617_firmware | * |
| lexmark | b2865_firmware | * |
| lexmark | cs921_firmware | * |
| lexmark | mc3326_firmware | * |
| lexmark | mx521_firmware | * |
| lexmark | cx825_firmware | * |
| lexmark | cx820_firmware | * |
| lexmark | c2425_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | xs548_firmware | * |
| lexmark | ms510_firmware | * |
| lexmark | c2240_firmware | * |
| lexmark | c2326_firmware | * |
| lexmark | xc8155_firmware | * |
| lexmark | xm7155_firmware | * |
| lexmark | xm9165_firmware | * |
| lexmark | m5270_firmware | * |
| lexmark | c925_firmware | * |
| lexmark | mx812_firmware | * |
| lexmark | cx924_firmware | * |
| lexmark | mx912_firmware | * |
| lexmark | m1246_firmware | * |
| lexmark | cs410_firmware | * |
| lexmark | cx727_firmware | * |
| lexmark | cs517_firmware | * |
| lexmark | xc4153_firmware | * |
| lexmark | b2546_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | xs955_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | cs417_firmware | * |
| lexmark | mc3224_firmware | * |
| lexmark | mx6500e_firmware | * |
| lexmark | cs521_firmware | * |
| lexmark | ms431_firmware | * |
| lexmark | xc9235_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | mx722_firmware | * |
| lexmark | ms725_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | m5255_firmware | * |
| lexmark | c6160_firmware | * |
| lexmark | c950_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | b3340_firmware | * |
| lexmark | ms812dn_firmware | * |
| lexmark | mb2236_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | xs795_firmware | * |
| lexmark | cs927_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | xm1242_firmware | * |
| lexmark | e46x_firmware | * |
| lexmark | cs827_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | mc3426_firmware | * |
| lexmark | mx317_firmware | * |
| lexmark | m1342_firmware | * |
| lexmark | c3326_firmware | * |
| lexmark | x792_firmware | * |
| lexmark | xc4140_firmware | * |
| lexmark | cs421_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | mx517_firmware | * |
| lexmark | xm5170_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | ms321_firmware | * |
| lexmark | ms622_firmware | * |
| lexmark | mx826_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | ms521_firmware | * |
| lexmark | x73x_firmware | * |
| lexmark | cs510_firmware | * |
| lexmark | xc4150_firmware | * |
| lexmark | ms911_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | m3250_firmware | * |
| lexmark | cx417_firmware | * |
| lexmark | cx922_firmware | * |
| lexmark | cx921_firmware | * |
| lexmark | b3442_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | xm5263_firmware | * |
| lexmark | xc8163_firmware | * |
| lexmark | mx310_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx711_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | cs728_firmware | * |
| lexmark | ms821_firmware | * |
| lexmark | xc6153_firmware | * |
| lexmark | xm7170_firmware | * |
| lexmark | b2236_firmware | * |
| lexmark | xs748_firmware | * |
| lexmark | ms421_firmware | * |
| lexmark | cs796_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms823_firmware | * |
| lexmark | xm7270_firmware | * |
| lexmark | cx517_firmware | * |
| lexmark | x954_firmware | * |
| lexmark | mx810_firmware | * |
| lexmark | ms822_firmware | * |
| lexmark | c746_firmware | * |
| lexmark | cs820_firmware | * |
| lexmark | cs331_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | c2132_firmware | * |
| lexmark | mx522_firmware | * |
| lexmark | m1140+_firmware | * |
| lexmark | xs925_firmware | * |
| lexmark | xm1342_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | x46x_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | c2325_firmware | * |
| lexmark | mx431_firmware | * |
| lexmark | cs748_firmware | * |
| lexmark | xm3150_firmware | * |
| lexmark | cs317_firmware | * |
Lexmark products through 2022-02-10 have Incorrect Access Control.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | lexmark_firmware | * |
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | m5270_firmware | * |
| lexmark | cs923_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | cx431_firmware | * |
| lexmark | cx924_firmware | * |
| lexmark | xc9225_firmware | * |
| lexmark | m1246_firmware | * |
| lexmark | cx727_firmware | * |
| lexmark | c2535_firmware | * |
| lexmark | xc4153_firmware | * |
| lexmark | b2546_firmware | * |
| lexmark | ms826_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | xc9245_firmware | * |
| lexmark | mx822_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | mc3224_firmware | * |
| lexmark | cs521_firmware | * |
| lexmark | ms431_firmware | * |
| lexmark | c4150_firmware | * |
| lexmark | xc9235_firmware | * |
| lexmark | mb3442_firmware | * |
| lexmark | mx722_firmware | * |
| lexmark | cx625_firmware | * |
| lexmark | ms725_firmware | * |
| lexmark | xm3250_firmware | * |
| lexmark | m5255_firmware | * |
| lexmark | b2650_firmware | * |
| lexmark | c6160_firmware | * |
| lexmark | c3426_firmware | * |
| lexmark | cx860_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | b3340_firmware | * |
| lexmark | xc9255_firmware | * |
| lexmark | mb2236_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | cx331_firmware | * |
| lexmark | ms331_firmware | * |
| lexmark | cs927_firmware | * |
| lexmark | xm1242_firmware | * |
| lexmark | c3224_firmware | * |
| lexmark | cx725_firmware | * |
| lexmark | ms621_firmware | * |
| lexmark | cs827_firmware | * |
| lexmark | mc3426_firmware | * |
| lexmark | m1342_firmware | * |
| lexmark | cs431_firmware | * |
| lexmark | b2338_firmware | * |
| lexmark | c3326_firmware | * |
| lexmark | b2442_firmware | * |
| lexmark | cs720_firmware | * |
| lexmark | xc4140_firmware | * |
| lexmark | cs421_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | c9235_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | ms321_firmware | * |
| lexmark | ms622_firmware | * |
| lexmark | mx826_firmware | * |
| lexmark | ms521_firmware | * |
| lexmark | cs727_firmware | * |
| lexmark | cs725_firmware | * |
| lexmark | xc4150_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | m3250_firmware | * |
| lexmark | mx331_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | cx922_firmware | * |
| lexmark | cx921_firmware | * |
| lexmark | cs622_firmware | * |
| lexmark | b3442_firmware | * |
| lexmark | cx923_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | ms825_firmware | * |
| lexmark | xc8163_firmware | * |
| lexmark | xm5365_firmware | * |
| lexmark | m1242_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | cs728_firmware | * |
| lexmark | xm1246_firmware | * |
| lexmark | ms821_firmware | * |
| lexmark | xc6153_firmware | * |
| lexmark | mx421_firmware | * |
| lexmark | xc9265_firmware | * |
| lexmark | xc4143_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | b2236_firmware | * |
| lexmark | cx622_firmware | * |
| lexmark | ms421_firmware | * |
| lexmark | cx920_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | mx721_firmware | * |
| lexmark | ms823_firmware | * |
| lexmark | ms822_firmware | * |
| lexmark | cs820_firmware | * |
| lexmark | cs331_firmware | * |
| lexmark | cs439_firmware | * |
| lexmark | xc2326_firmware | * |
| lexmark | b2865_firmware | * |
| lexmark | cs921_firmware | * |
| lexmark | mc3326_firmware | * |
| lexmark | mx521_firmware | * |
| lexmark | mx522_firmware | * |
| lexmark | cx825_firmware | * |
| lexmark | cx820_firmware | * |
| lexmark | xm1342_firmware | * |
| lexmark | c2425_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | c2325_firmware | * |
| lexmark | mx431_firmware | * |
| lexmark | c2240_firmware | * |
| lexmark | c2326_firmware | * |
| lexmark | xc8155_firmware | * |
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | xc4342_firmware | * |
| lexmark | m5270_firmware | * |
| lexmark | mx931_firmware | * |
| lexmark | cs923_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | cx431_firmware | * |
| lexmark | cx924_firmware | * |
| lexmark | xc9225_firmware | * |
| lexmark | m1246_firmware | * |
| lexmark | mx432_firmware | * |
| lexmark | cx727_firmware | * |
| lexmark | c2535_firmware | * |
| lexmark | xc4153_firmware | * |
| lexmark | b2546_firmware | * |
| lexmark | ms826_firmware | * |
| lexmark | xc9455_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | xc9245_firmware | * |
| lexmark | mx822_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | mc3224_firmware | * |
| lexmark | cs521_firmware | * |
| lexmark | cx944_firmware | * |
| lexmark | ms431_firmware | * |
| lexmark | c4150_firmware | * |
| lexmark | mb2338_firmware | * |
| lexmark | xc9235_firmware | * |
| lexmark | mb3442_firmware | * |
| lexmark | mx722_firmware | * |
| lexmark | cx625_firmware | * |
| lexmark | ms725_firmware | * |
| lexmark | xm3250_firmware | * |
| lexmark | m5255_firmware | * |
| lexmark | b2650_firmware | * |
| lexmark | c6160_firmware | * |
| lexmark | c3426_firmware | * |
| lexmark | cx860_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | b3340_firmware | * |
| lexmark | xc9255_firmware | * |
| lexmark | xc9465_firmware | * |
| lexmark | mb2236_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | cx331_firmware | * |
| lexmark | ms331_firmware | * |
| lexmark | xm3142_firmware | * |
| lexmark | cs927_firmware | * |
| lexmark | xc9335_firmware | * |
| lexmark | xm1242_firmware | * |
| lexmark | c3224_firmware | * |
| lexmark | cx725_firmware | * |
| lexmark | ms621_firmware | * |
| lexmark | cs827_firmware | * |
| lexmark | mc3426_firmware | * |
| lexmark | m1342_firmware | * |
| lexmark | cs431_firmware | * |
| lexmark | b2338_firmware | * |
| lexmark | c3326_firmware | * |
| lexmark | b2442_firmware | * |
| lexmark | cs720_firmware | * |
| lexmark | xc4140_firmware | * |
| lexmark | cs421_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | c9235_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | ms321_firmware | * |
| lexmark | ms622_firmware | * |
| lexmark | mx826_firmware | * |
| lexmark | ms521_firmware | * |
| lexmark | cs727_firmware | * |
| lexmark | cs725_firmware | * |
| lexmark | xc4150_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | m3250_firmware | * |
| lexmark | mx331_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | cx922_firmware | * |
| lexmark | cx921_firmware | * |
| lexmark | cs622_firmware | * |
| lexmark | b3442_firmware | * |
| lexmark | cx923_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | ms825_firmware | * |
| lexmark | xc8163_firmware | * |
| lexmark | xm5365_firmware | * |
| lexmark | m1242_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | cs728_firmware | * |
| lexmark | xm1246_firmware | * |
| lexmark | ms821_firmware | * |
| lexmark | xc6153_firmware | * |
| lexmark | mx421_firmware | * |
| lexmark | xc9265_firmware | * |
| lexmark | xc4143_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | b2236_firmware | * |
| lexmark | cx622_firmware | * |
| lexmark | ms421_firmware | * |
| lexmark | cx920_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | mx721_firmware | * |
| lexmark | ms823_firmware | * |
| lexmark | xc4352_firmware | * |
| lexmark | xc9445_firmware | * |
| lexmark | ms822_firmware | * |
| lexmark | cs820_firmware | * |
| lexmark | cs331_firmware | * |
| lexmark | cs439_firmware | * |
| lexmark | xc2326_firmware | * |
| lexmark | b2865_firmware | * |
| lexmark | cs921_firmware | * |
| lexmark | mc3326_firmware | * |
| lexmark | mx521_firmware | * |
| lexmark | mx522_firmware | * |
| lexmark | cx825_firmware | * |
| lexmark | cx820_firmware | * |
| lexmark | xm1342_firmware | * |
| lexmark | c2425_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | c2325_firmware | * |
| lexmark | mx431_firmware | * |
| lexmark | c2240_firmware | * |
| lexmark | c2326_firmware | * |
| lexmark | xc8155_firmware | * |
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | xc4342_firmware | * |
| lexmark | m5270_firmware | * |
| lexmark | mx931_firmware | * |
| lexmark | cs923_firmware | * |
| lexmark | mc2325_firmware | * |
| lexmark | cx431_firmware | * |
| lexmark | cx924_firmware | * |
| lexmark | xc9225_firmware | * |
| lexmark | m1246_firmware | * |
| lexmark | mx432_firmware | * |
| lexmark | cx727_firmware | * |
| lexmark | c2535_firmware | * |
| lexmark | xc4153_firmware | * |
| lexmark | b2546_firmware | * |
| lexmark | ms826_firmware | * |
| lexmark | xc9455_firmware | * |
| lexmark | xc6152_firmware | * |
| lexmark | xc9245_firmware | * |
| lexmark | mx822_firmware | * |
| lexmark | mb2546_firmware | * |
| lexmark | xc8160_firmware | * |
| lexmark | mc3224_firmware | * |
| lexmark | cs521_firmware | * |
| lexmark | cx944_firmware | * |
| lexmark | ms431_firmware | * |
| lexmark | c4150_firmware | * |
| lexmark | mb2338_firmware | * |
| lexmark | xc9235_firmware | * |
| lexmark | mb3442_firmware | * |
| lexmark | mx722_firmware | * |
| lexmark | cx625_firmware | * |
| lexmark | ms725_firmware | * |
| lexmark | xm3250_firmware | * |
| lexmark | m5255_firmware | * |
| lexmark | b2650_firmware | * |
| lexmark | c6160_firmware | * |
| lexmark | c3426_firmware | * |
| lexmark | cx860_firmware | * |
| lexmark | mx321_firmware | * |
| lexmark | b3340_firmware | * |
| lexmark | xc9255_firmware | * |
| lexmark | xc9465_firmware | * |
| lexmark | mb2236_firmware | * |
| lexmark | mc2535_firmware | * |
| lexmark | mb2770_firmware | * |
| lexmark | xm7370_firmware | * |
| lexmark | cx331_firmware | * |
| lexmark | ms331_firmware | * |
| lexmark | xm3142_firmware | * |
| lexmark | cs927_firmware | * |
| lexmark | xc9335_firmware | * |
| lexmark | xm1242_firmware | * |
| lexmark | c3224_firmware | * |
| lexmark | cx725_firmware | * |
| lexmark | ms621_firmware | * |
| lexmark | cs827_firmware | * |
| lexmark | mc3426_firmware | * |
| lexmark | m1342_firmware | * |
| lexmark | cs431_firmware | * |
| lexmark | b2338_firmware | * |
| lexmark | c3326_firmware | * |
| lexmark | b2442_firmware | * |
| lexmark | cs720_firmware | * |
| lexmark | xc4140_firmware | * |
| lexmark | cs421_firmware | * |
| lexmark | mc2640_firmware | * |
| lexmark | c9235_firmware | * |
| lexmark | mb2650_firmware | * |
| lexmark | ms321_firmware | * |
| lexmark | ms622_firmware | * |
| lexmark | mx826_firmware | * |
| lexmark | ms521_firmware | * |
| lexmark | cs727_firmware | * |
| lexmark | cs725_firmware | * |
| lexmark | xc4150_firmware | * |
| lexmark | mb2442_firmware | * |
| lexmark | xm7355_firmware | * |
| lexmark | m3250_firmware | * |
| lexmark | mx331_firmware | * |
| lexmark | cx522_firmware | * |
| lexmark | cx922_firmware | * |
| lexmark | cx921_firmware | * |
| lexmark | cs622_firmware | * |
| lexmark | b3442_firmware | * |
| lexmark | cx923_firmware | * |
| lexmark | mc2425_firmware | * |
| lexmark | ms825_firmware | * |
| lexmark | xc8163_firmware | * |
| lexmark | xm5365_firmware | * |
| lexmark | m1242_firmware | * |
| lexmark | xc4240_firmware | * |
| lexmark | cs728_firmware | * |
| lexmark | xm1246_firmware | * |
| lexmark | ms821_firmware | * |
| lexmark | xc6153_firmware | * |
| lexmark | mx421_firmware | * |
| lexmark | xc9265_firmware | * |
| lexmark | xc4143_firmware | * |
| lexmark | mx622_firmware | * |
| lexmark | b2236_firmware | * |
| lexmark | cx622_firmware | * |
| lexmark | ms421_firmware | * |
| lexmark | cx920_firmware | * |
| lexmark | xc2235_firmware | * |
| lexmark | mx721_firmware | * |
| lexmark | ms823_firmware | * |
| lexmark | xc4352_firmware | * |
| lexmark | xc9445_firmware | * |
| lexmark | ms822_firmware | * |
| lexmark | cs820_firmware | * |
| lexmark | cs331_firmware | * |
| lexmark | cs439_firmware | * |
| lexmark | xc2326_firmware | * |
| lexmark | b2865_firmware | * |
| lexmark | cs921_firmware | * |
| lexmark | mc3326_firmware | * |
| lexmark | mx521_firmware | * |
| lexmark | mx522_firmware | * |
| lexmark | cx825_firmware | * |
| lexmark | cx820_firmware | * |
| lexmark | xm1342_firmware | * |
| lexmark | c2425_firmware | * |
| lexmark | cx421_firmware | * |
| lexmark | c2325_firmware | * |
| lexmark | mx431_firmware | * |
| lexmark | c2240_firmware | * |
| lexmark | c2326_firmware | * |
| lexmark | xc8155_firmware | * |
Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | cstzj_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | lhs60_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | lw80_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | lp_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | lr_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | cstzj_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | lhs60_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | lw80_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | lp_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | lr_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices through 2023-02-19 have an Integer Overflow.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | cstzj_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | lhs60_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | lw80_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | lp_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | lr_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | cstzj_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | lhs60_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | lw80_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | lp_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | lr_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cstat_firmware | * |
| lexmark | cxnzj_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | cxtat_firmware | * |
| lexmark | cxtpp_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | cstmh_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cstat_firmware | * |
| lexmark | cxnzj_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | cxtat_firmware | * |
| lexmark | cxtpp_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | cstmh_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cstat_firmware | * |
| lexmark | cxnzj_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | cxtat_firmware | * |
| lexmark | cxtpp_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | cstmh_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | msngm_firmware | * |
| lexmark | cstzj_firmware | * |
| lexmark | mxtct_firmware | * |
| lexmark | csnzj_firmware | * |
| lexmark | cxtpc_firmware | * |
| lexmark | cstpc_firmware | * |
| lexmark | mxtgw_firmware | * |
| lexmark | lhs60_firmware | * |
| lexmark | mslbd_firmware | * |
| lexmark | cxtmm_firmware | * |
| lexmark | mxlsg_firmware | * |
| lexmark | cxtzj_firmware | * |
| lexmark | lw80_firmware | * |
| lexmark | mstgw_firmware | * |
| lexmark | cxlbn_firmware | * |
| lexmark | mxtpm_firmware | * |
| lexmark | mxlbd_firmware | * |
| lexmark | mxngm_firmware | * |
| lexmark | lp_firmware | * |
| lexmark | cslbn_firmware | * |
| lexmark | msngw_firmware | * |
| lexmark | mslsg_firmware | * |
| lexmark | mxtgm_firmware | * |
| lexmark | cslbl_firmware | * |
| lexmark | lr_firmware | * |
| lexmark | cxlbl_firmware | * |
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lexmark | xm1145_firmware | * |
| lexmark | mx812_firmware | * |
| lexmark | xm1140_firmware | * |
| lexmark | mx912_firmware | * |
| lexmark | mx910_firmware | * |
| lexmark | cs510_firmware | * |
| lexmark | cs410_firmware | * |
| lexmark | m3150de_firmware | * |
| lexmark | cs310_firmware | * |
| lexmark | ms911_firmware | * |
| lexmark | cs517_firmware | * |
| lexmark | ms415_firmware | * |
| lexmark | cx417_firmware | * |
| lexmark | ms410_firmware | * |
| lexmark | ms610de_firmware | * |
| lexmark | ms710_firmware | * |
| lexmark | ms817_firmware | * |
| lexmark | cs417_firmware | * |
| lexmark | ms417_firmware | * |
| lexmark | xm5263_firmware | * |
| lexmark | ms812de_firmware | * |
| lexmark | mx811_firmware | * |
| lexmark | mx310_firmware | * |
| lexmark | ms315_firmware | * |
| lexmark | ms517_firmware | * |
| lexmark | xm9145_firmware | * |
| lexmark | mx718_firmware | * |
| lexmark | m5163de_firmware | * |
| lexmark | cx310_firmware | * |
| lexmark | mx410_firmware | * |
| lexmark | m5155_firmware | * |
| lexmark | mx711_firmware | * |
| lexmark | ms617_firmware | * |
| lexmark | xm5163_firmware | * |
| lexmark | cx510_firmware | * |
| lexmark | mx710_firmware | * |
| lexmark | ms818_firmware | * |
| lexmark | xm1135_firmware | * |
| lexmark | xm5270_firmware | * |
| lexmark | xm7170_firmware | * |
| lexmark | cx410_firmware | * |
| lexmark | ms610dn_firmware | * |
| lexmark | mx417_firmware | * |
| lexmark | m1140_firmware | * |
| lexmark | ms812dn_firmware | * |
| lexmark | ms317_firmware | * |
| lexmark | ms312_firmware | * |
| lexmark | m5163dn_firmware | * |
| lexmark | xm7263_firmware | * |
| lexmark | cx317_firmware | * |
| lexmark | mx717_firmware | * |
| lexmark | m1145_firmware | * |
| lexmark | ms711_firmware | * |
| lexmark | m5170_firmware | * |
| lexmark | xm7163_firmware | * |
| lexmark | mx611_firmware | * |
| lexmark | xm7270_firmware | * |
| lexmark | cx517_firmware | * |
| lexmark | ms810de_firmware | * |
| lexmark | xc2132_firmware | * |
| lexmark | mx810_firmware | * |
| lexmark | mx610_firmware | * |
| lexmark | xc2130_firmware | * |
| lexmark | m3150dn_firmware | * |
| lexmark | mx617_firmware | * |
| lexmark | mx511_firmware | * |
| lexmark | mx317_firmware | * |
| lexmark | ms811_firmware | * |
| lexmark | xm9155_firmware | * |
| lexmark | c2132_firmware | * |
| lexmark | mx911_firmware | * |
| lexmark | m1140+_firmware | * |
| lexmark | mx510_firmware | * |
| lexmark | ms810dn_firmware | * |
| lexmark | ms310_firmware | * |
| lexmark | ms510_firmware | * |
| lexmark | mx517_firmware | * |
| lexmark | xm3150_firmware | * |
| lexmark | xm7155_firmware | * |
| lexmark | xm9165_firmware | * |
| lexmark | cs317_firmware | * |
| lexmark | xm5170_firmware | * |