(Pwn2Own) Lexmark CX331adwe JPEG2000 Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of JPEG2000 files. The issue results from the lack of...

PT-2024-13962 · Lexmark · Lexmark Cx331Adwe

Name of the Vulnerable Software and Affected Versions: Lexmark CX331adwe affected versions not specified Description: A method to override the firmware downgrade protection has been identified in some Lexmark products. This issue allows for a bypass of the downgrade protection feature that was...

Lexmark CX331adwe Firmware Downgrade Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /usr/bin/hydra service, which listens on TCP port 9100 by...

Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPP server, which listens on TCP port 631 by default. The issue...

(Pwn2Own) Lexmark CX331adwe PostScript File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PostScript data. The issue results from the lack of...

(Pwn2Own) Lexmark CX331adwe make42charstring Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the make42charstring method. The issue results from the lack of...

(Pwn2Own) Lexmark CX331adwe Missing Authentication Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of authentication within the web interface. The...

(Pwn2Own) Lexmark CX331adwe PDF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validatio...

PT-2023-8589 · Lexmark · Lexmark Cx331Adwe

Name of the Vulnerable Software and Affected Versions: Lexmark CX331adwe affected versions not specified Description: A vulnerability in one of the SE menu routines of Lexmark printers can be leveraged by an attacker to execute arbitrary code. The issue exists due to a lack of authentication befo...