Relative Path Traversal Vulnerability in Lexmark Devices
CVE-2025-65077

8.8HIGH

Key Information:

Vendor: Lexmark
Status: Mxtct, Msngm, Mstgm, Mxngm, Mxtgm, Csngv, Cstgv, Cxtgv, Msngw, Mstgw, Mxtgw, Cstls, Cxtls, Mxtls, Cstmm, Cxtmm, Cstpc, Cxtpc, Mxtpm, Msnsn, Mstsn, Mxtsn, Csnzj, Cstzj, Cxnzj, Cxtzj; Cstat, Cxtat, Mslbd, Mxlbd, Cslbl, Cxlbl, Cslbn, Cxlbn, Cstmh, Cxtmh, Cstpp, Cxtpp, Mslsg, Mxlsg
Vendor: CVE Published:; 3 February 2026

Badges

👾 Exploit Exists

What is CVE-2025-65077?

A relative path traversal vulnerability has been discovered within the Embedded Solutions Framework used in various Lexmark devices. This weakness allows attackers to manipulate file paths, potentially leading to unauthorized access and execution of arbitrary code with the privileges of an unprivileged user. Organizations using affected Lexmark products should implement security measures to mitigate the risk associated with this vulnerability.

Affected Version(s)

CSTAT, CXTAT, MSLBD, MXLBD, CSLBL, CXLBL, CSLBN, CXLBN, CSTMH, CXTMH, CSTPP, CXTPP, MSLSG, MXLSG 0 < 230.507

MXTCT, MSNGM, MSTGM, MXNGM, MXTGM, CSNGV, CSTGV, CXTGV, MSNGW, MSTGW, MXTGW, CSTLS, CXTLS, MXTLS, CSTMM, CXTMM, CSTPC, CXTPC, MXTPM, MSNSN, MSTSN, MXTSN, CSNZJ, CSTZJ, CXNZJ, CXTZJ 0 < 250.210

References

https://www.lexmark.com/en_us/solutions/security/lexmark-...

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Feb 3, 2026
Vulnerability published
Feb 3, 2026
Vulnerability Reserved
Nov 17, 2025

CVE-2025-65077 Data

JSON