CVE-2016-3145

Name of the Vulnerable Software and Affected Versions Lexmark printers with firmware ATL before ATL.021.063 Lexmark printers with firmware CB before CB.021.063 Lexmark printers with firmware PP before PP.021.063 Lexmark printers with firmware YK before YK.021.063

Description The issue is related to the mishandling of Erase Printer Memory and Erase Hard Disk actions in Lexmark printers, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory. This is due to a lack of protection for service data.

Recommendations For Lexmark printers with firmware ATL before ATL.021.063, update the firmware to ATL.021.063 or later. For Lexmark printers with firmware CB before CB.021.063, update the firmware to CB.021.063 or later. For Lexmark printers with firmware PP before PP.021.063, update the firmware to PP.021.063 or later. For Lexmark printers with firmware YK before YK.021.063, update the firmware to YK.021.063 or later.