Integer Overflow Vulnerability in Lexmark Postscript Interpreter
CVE-2024-11347

7.3HIGH

Key Information:

Vendor: Lexmark International
Status: Cx, Xc, Cs, Et. Al.
Vendor: CVE Published:; 13 February 2025

🔔 Create Lexmark International Vulnerability Alert

What is CVE-2024-11347?

An integer overflow vulnerability exists in the Postscript interpreter modules of various Lexmark printer models, including the CX, XC, and CS series. This flaw allows attackers to manipulate integer values, potentially leading to execution of arbitrary code with the permissions of an unprivileged user. Exploiting this vulnerability could compromise the security and integrity of affected systems. It is critical for users and administrators to apply available security updates and follow recommended security practices to mitigate the risks associated with this vulnerability.

Affected Version(s)

CX, XC, CS, et. al. 0

CX, XC, CS, et. al. CXTLS.240.200

CX, XC, CS, et. al. 0

References

https://www.lexmark.com/en_us/solutions/security/lexmark-...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 13, 2025
Vulnerability Reserved
Nov 18, 2024