9.8
CVSSv3

CVE-2023-26069

Published: 10/04/2023 Updated: 08/05/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the snmpUTIL binary. The issue results from the lack of proper validation of configuration files. An attacker can leverage this vulnerability to execute code in the context of the admin user.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

lexmark cxtpc firmware

lexmark cstpc firmware

lexmark mxtct firmware

lexmark mxtpm firmware

lexmark cxtmm firmware

lexmark mslsg firmware

lexmark mxlsg firmware

lexmark mslbd firmware

lexmark mxlbd firmware

lexmark msngm firmware

lexmark mxngm firmware

lexmark mxtgm firmware

lexmark msngw firmware

lexmark mstgw firmware

lexmark mxtgw firmware

lexmark cslbn firmware

lexmark cslbl firmware

lexmark cxlbn firmware

lexmark cxlbl firmware

lexmark csnzj firmware

lexmark cxtzj firmware

lexmark cxnzj firmware

lexmark cxtpp firmware

lexmark cstat firmware

lexmark cxtat firmware

lexmark cstmh firmware

Vendor Advisories