Vulnerability Details

Lexmark Printer Multiple Vulnerabilities (TE920)

Published: 2019-09-09 06:24:09
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Detection Type:
Remote Banner

Solution Type:
Vendor Patch

Summary:
Multiple vulnerabilities have been identified in some Lexmark devices that would allow an attacker to execute arbitrary code on the device.

Detection Method:
Checks if a vulnerable firmware version is present on the target host.

Technical Details:
Two buffer overflow vulnerabilities and an integer overflow vulnerability have been identified in the embedded web server of some Lexmark devices that allow an attacker to execute arbitrary code on the device.

Impact:
Successful exploitation of this vulnerability can lead to remote code execution on the affected device.

Recommendations:
See the referenced vendor advisory for a solution.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2019-9930
https://nvd.nist.gov/vuln/detail/CVE-2019-9932
https://nvd.nist.gov/vuln/detail/CVE-2019-9933

References:

http://support.lexmark.com/index?page=content&id=TE920

Search
Severity
High
CVSS Score
10.0

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.