{"Unauthenticated Restart Vulnerability in Lenovo Printers"}
CVE-2024-3286

7.5HIGH

Key Information:

Vendor: Lenovo
Status: Printers
Vendor: CVE Published:; 16 May 2024

Summary

A buffer overflow vulnerability has been identified in certain models of Lenovo printers. This flaw can be exploited by an unauthenticated attacker who sends a specially crafted web request, potentially causing the affected device to restart unexpectedly. This security concern highlights the importance of regularly updating device firmware and monitoring network traffic to mitigate unauthorized access attempts on affected printers.

Affected Version(s)

Printers various

References

https://iknow.lenovo.com.cn/detail/421500

https://www.lenovoimage.com/psirt/notice/158605.html

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Apr 3, 2024

Credit

Lenovo thanks China Information Technology Innovation Vulnerability Database (CITIVD) and Chaitin for reporting this issue.