Lexmark: Security Vulnerabilities
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
CVSS Score
9.8
EPSS Score
0.009
Published
2023-01-23
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
CVSS Score
8.1
EPSS Score
0.003
Published
2022-08-26
Lexmark products through 2022-02-10 have Incorrect Access Control.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-28
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
CVSS Score
9.8
EPSS Score
0.083
Published
2022-01-20
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
CVSS Score
9.8
EPSS Score
0.126
Published
2022-01-20
The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-01-20
PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.
CVSS Score
8.8
EPSS Score
0.008
Published
2022-01-20
Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
CVSS Score
9.8
EPSS Score
0.008
Published
2022-01-20
The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing during the add printer process, resulting in escalation of privileges to SYSTEM.
CVSS Score
7.8
EPSS Score
0.133
Published
2021-07-19
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-07-14