Type Confusion Vulnerability in Lexmark Devices
CVE-2024-11344
7.3HIGH
Summary
A type confusion vulnerability has been discovered in the Postscript interpreter used in various Lexmark devices. This vulnerability allows attackers to manipulate the data types during code execution, potentially leading to arbitrary code execution. If exploited, this could grant attackers unauthorized access to sensitive information or lead to further compromise of the device’s functionality. It is crucial for users of affected Lexmark products to remain informed about this vulnerability and apply necessary security updates.
Affected Version(s)
CX, XC, CS, MS, MX, XM, et. al. 0
CX, XC, CS, MS, MX, XM, et. al. CXTLS.240.200
CX, XC, CS, MS, MX, XM, et. al. 0
References
CVSS V3.1
Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved