Persistence Vulnerability in Lexmark Devices
CVE-2022-29850

8.1HIGH

Key Information:

Vendor
Lexmark
Status
B2236 Firmware
Vendor
CVE Published:
26 August 2022

Summary

Certain Lexmark products allow an attacker, who has previously compromised a device, to retain access even after the device is restarted. This security flaw presents a significant risk as it enables unauthorized users to maintain control over the affected systems, potentially leading to data breaches or further compromises. Users of Lexmark multifunction and laser printers should ensure their devices are patched and monitored closely for unusual activity to mitigate this risk.

References

https://support.lexmark.com/alerts/
x_refsource_MISC
https://publications.lexmark.com/publications/security-al...
x_refsource_MISC
https://www.lexmark.com/en_us/solutions/security/lexmark-...
x_refsource_MISC

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.