Cross-Site Request Forgery in Lexmark Devices
CVE-2020-10095

8.1HIGH

Key Information:

Vendor: Lexmark
Status: Lexmark Devices
Vendor: CVE Published:; 19 February 2025

What is CVE-2020-10095?

Lexmark devices are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability, which enables a malicious actor to send unauthorized requests to the devices. This flaw can allow attackers to manipulate the configuration settings, potentially leading to unauthorized access or operational disruption. Users are advised to implement security measures to mitigate the risk associated with this vulnerability.

References

http://support.lexmark.com/alerts/

https://www.lexmark.com/en_us/solutions/security//lexmark...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 19, 2025
Vulnerability Reserved
Mar 4, 2020