Local Privilege Escalation Vulnerability in Lexmark Printer Software
CVE-2021-35469

7.8HIGH

Key Information:

Vendor: Lexmark
Status: Printer Software G4; Printer Software G3; Printer Software G2
Vendor: CVE Published:; 14 July 2021

What is CVE-2021-35469?

The Lexmark Printer Software packages G2, G3, and G4 contain a local escalation of privilege vulnerability stemming from an improperly defined registry entry. This vulnerability allows unauthorized users to gain elevated access rights, potentially leading to the execution of arbitrary code with higher privileges. It underscores the importance of securing service paths to prevent exploitation and ensuring that system configurations adhere to security best practices.

References

http://support.lexmark.com/alerts/

x_refsource_MISC

http://support.lexmark.com/index?id=TE952&page=content&lo...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 14, 2021
Vulnerability Reserved
Jun 23, 2021