Type Confusion Vulnerability in Lexmark International Printing Products
CVE-2024-11346

7.3HIGH

Key Information:

Vendor: Lexmark International
Status: Cx, Xc, Cs, Ms, Mx, Xm, Et. Al.
Vendor: CVE Published:; 13 February 2025

Summary

A type confusion vulnerability exists in the Postscript interpreter modules of Lexmark International printing products, which could allow unauthorized access leading to resource injection. Affected models include various configurations available within the Lexmark CX, XC, and CS series. This vulnerability may exploit improper data handling, potentially compromising the integrity and security of the printing solutions.

Affected Version(s)

CX, XC, CS, MS, MX, XM, et. al. 0

CX, XC, CS, MS, MX, XM, et. al. CXTLS.240.200

CX, XC, CS, MS, MX, XM, et. al. 0

References

https://www.lexmark.com/en_us/solutions/security/lexmark-...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2025
Vulnerability Reserved
Nov 18, 2024