Lexmark Printer Firmware vulnerabilities

CVE-2023-50739 [HIGH] CWE-122 CVE-2023-50739: A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in vario A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

CVE-2023-50738 [MEDIUM] CWE-354 CVE-2023-50738: A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method t A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade protection has been identified.

CVE-2016-3145 [MEDIUM] CWE-200 CVE-2016-3145: Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, a Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.

CVE-2016-1896 [CRITICAL] CWE-254 CVE-2016-1896: Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049 Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status.