CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50734 – A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50734
A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. Se ha identificado una vulnerabilidad de desbordamiento del búfer en el intérprete PostScript de varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar código arbitrario. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50735 – A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50735
A heap corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. Se ha identificado una vulnerabilidad de corrupción del montón en el intérprete PostScript de varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-465: Pointer Issues •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50736 – A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50736
A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. Se ha identificado una vulnerabilidad de corrupción de memoria en el intérprete PostScript de varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar código arbitrario. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50737 – An input validation vulnerability in the SE Menu allows an attacker to execute arbitrary code.
https://notcve.org/view.php?id=CVE-2023-50737
The SE menu contains information used by Lexmark to diagnose device errors. A vulnerability in one of the SE menu routines can be leveraged by an attacker to execute arbitrary code. El menú SE contiene información utilizada por Lexmark para diagnosticar errores del dispositivo. Un atacante puede aprovechar una vulnerabilidad en una de las rutinas del menú SE para ejecutar código arbitrario. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 164EXPL: 0CVE-2023-40239
https://notcve.org/view.php?id=CVE-2023-40239
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability. Ciertos dispositivos Lexmark (como el CS310) anteriores al 25-08-2023 permiten ataques XXE, que conducen a la divulgación de información. La versión de firmware corregida es LW80.*.P246, donde, '*' indica que la especificación de la versión completa varía según la familia de modelos del producto, pero se requiere el nivel de firmware P246 (o superior) para corregir la vulnerabilidad. • https://publications.lexmark.com/publications/security-alerts/CVE-2023-40239.pdf • CWE-611: Improper Restriction of XML External Entity Reference •