Denial-of-Service Vulnerability in Lenovo Printer Firmware
CVE-2022-3429

6.5MEDIUM

Key Information:

Vendor: Lenovo
Status: Printer Gm265dn (production Date June 2022 And Before); Printer Gm265dn (production Date July 2022 And Later); Printer Gm266dns; Printer G263dns
Vendor: CVE Published:; 27 October 2023

What is CVE-2022-3429?

A vulnerability exists in the firmware of Lenovo printers that allows attackers to exploit improperly formatted input sent to an open port. This can trigger a denial of service, resulting in display errors and preventing the printer from functioning as intended. Users should be aware of this security flaw to avoid potential disruption in services.

Affected Version(s)

Printer G263DNS < 02.06.00.04.00

Printer GM265DN (production date July 2022 and later)

Printer GM265DN (production date June 2022 and before) < 01.00.20N

References

https://iknow.lenovo.com.cn/detail/205041.html

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2023
Vulnerability Reserved
Oct 7, 2022