Remote Code Execution Vulnerability in Lenovo Printer Firmware
CVE-2022-34886
8.8HIGH
Key Information:
- Vendor
Lenovo
- Status
- Vendor
- CVE Published:
- 27 October 2023
What is CVE-2022-34886?
A vulnerability in the firmware of certain Lenovo printers allows remote users to exploit a weak server-side interface by dispatching an illegal string through a script. This can lead to a stack overflow condition, which may enable attackers to execute arbitrary code on the affected device, potentially compromising the printer's functionality and exposing sensitive information.
Affected Version(s)
Printer G263DNS < 02.06.00.04.00
Printer GM265DN (production date July 2022 and later)
Printer GM265DN (production date June 2022 and before) < 01.00.20N