PT-2022-12214 · Lexmark · Lexmark Devices
David Berard
+5
·
Published
2022-01-20
·
Updated
2023-07-24
·
CVE-2021-44736
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Lexmark devices (affected versions not specified)
Description
The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the "out of service erase" feature. This issue may be related to an unprotected API, potentially leading to remote code execution.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lexmark Devices