Buffer Overflow Vulnerability in Lexmark Devices
CVE-2021-44738

9.8CRITICAL

Key Information:

Vendor
Lexmark
Status
B2236 Firmware
Vendor
CVE Published:
20 January 2022

Summary

A buffer overflow vulnerability has been detected in Lexmark printers through the postscript interpreter, which could allow an attacker to exploit this flaw remotely. If successfully leveraged, this vulnerability can lead to arbitrary code execution and unauthorized access to affected devices, potentially compromising sensitive information and disrupting printer functionality. Users are advised to apply security updates and monitor their systems for unusual activity.

References

https://support.lexmark.com/alerts/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-22-327/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-22-328/
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.