CVE-2016-3145

CWE-200Information Exposure3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 80.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Lexmark Printer Firmware
Timeline
PublishedApr 22
Latest updateMay 14

Description

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages1 packages

NVDlexmark/printer_firmwarepppp.021.062+4

🔴Vulnerability Details

2
GHSA
GHSA-wqpc-7xwr-93hx: Lexmark printers with firmware ATL before ATL2022-05-14
CVEList
CVE-2016-3145: Lexmark printers with firmware ATL before ATL2016-04-22
CVE-2016-3145 (MEDIUM CVSS 4.6) | Lexmark printers with firmware ATL | cvebase.io