Details of VAR-202201-0780

ID

VAR-202201-0780

CVE

CVE-2021-44738

TITLE

plural Lexmark Classic buffer overflow vulnerability in device

Trust: 0.8

sources: JVNDB: JVNDB-2022-003884

DESCRIPTION

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter. plural Lexmark A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Crafted PostScript data can trigger a write past the end of an allocated buffer. This vulnerability allows local attackers to escalate privileges on affected installations of Lexmark MC3224i printers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the remote object server. The issue results from the lack of an appropriate expiration mechanism for session IDs. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the web admin user. Lexmark is a line of printers in the United States

Trust: 4.05

sources: NVD: CVE-2021-44738 // JVNDB: JVNDB-2022-003884 // ZDI: ZDI-22-382 // ZDI: ZDI-22-328 // ZDI: ZDI-22-327 // CNVD: CNVD-2022-08178

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-08178

AFFECTED PRODUCTS

vendor:	lexmark	model:	mc3224i	scope:	-	version:	-	Trust: 2.1
vendor:	lexmark	model:	c2240	scope:	lt	version:	cstzj.076.294	Trust: 1.0
vendor:	lexmark	model:	mx718	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	m5155	scope:	lt	version:	lw80.dn4.p210	Trust: 1.0
vendor:	lexmark	model:	mx810	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	c950	scope:	lt	version:	lhs60.tp.p753	Trust: 1.0
vendor:	lexmark	model:	xm7170	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	ms911	scope:	lt	version:	lw80.sa.p210	Trust: 1.0
vendor:	lexmark	model:	ms810dn	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	xs955	scope:	lt	version:	lhs60.tq.p753	Trust: 1.0
vendor:	lexmark	model:	mx722	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	mx410	scope:	lt	version:	lw80.sb4.p210	Trust: 1.0
vendor:	lexmark	model:	ms610dn	scope:	lt	version:	lw80.pr2.p210	Trust: 1.0
vendor:	lexmark	model:	b2650	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	xc4150	scope:	lt	version:	cxtat.076.294	Trust: 1.0
vendor:	lexmark	model:	ms812de	scope:	lt	version:	lw80.dn7.p210	Trust: 1.0
vendor:	lexmark	model:	cx622	scope:	lt	version:	cxtzj.076.294	Trust: 1.0
vendor:	lexmark	model:	b2236	scope:	lt	version:	mslsg.076.294	Trust: 1.0
vendor:	lexmark	model:	b3340	scope:	lt	version:	mslbd.076.294	Trust: 1.0
vendor:	lexmark	model:	cx727	scope:	lt	version:	cxtat.076.294	Trust: 1.0
vendor:	lexmark	model:	cs331	scope:	lt	version:	cslbl.076.294	Trust: 1.0
vendor:	lexmark	model:	cx510	scope:	lt	version:	lw80.gm7.p210	Trust: 1.0
vendor:	lexmark	model:	cs431	scope:	lt	version:	cslbn.076.294	Trust: 1.0
vendor:	lexmark	model:	mb2442	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	mb2236	scope:	lt	version:	mxlsg.076.294	Trust: 1.0
vendor:	lexmark	model:	b2442	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	b2865	scope:	lt	version:	msngw.076.294	Trust: 1.0
vendor:	lexmark	model:	cx331	scope:	lt	version:	cxlbl.076.294	Trust: 1.0
vendor:	lexmark	model:	cx860	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	xc9265	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	xm3150	scope:	lt	version:	lw80.sb7.p210	Trust: 1.0
vendor:	lexmark	model:	m5163dn	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	cs720	scope:	lt	version:	cstat.076.294	Trust: 1.0
vendor:	lexmark	model:	xc2326	scope:	lt	version:	cxlbn.076.294	Trust: 1.0
vendor:	lexmark	model:	mx811	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	m5255	scope:	lt	version:	mstgw.076.294	Trust: 1.0
vendor:	lexmark	model:	mb2338	scope:	lt	version:	mxngm.076.294	Trust: 1.0
vendor:	lexmark	model:	xc4143	scope:	lt	version:	cxtat.076.294	Trust: 1.0
vendor:	lexmark	model:	cx417	scope:	lt	version:	lw80.gm4.p210	Trust: 1.0
vendor:	lexmark	model:	xm3250	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	cx421	scope:	lt	version:	cxnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	mc2325	scope:	lt	version:	cxnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	b2546	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	mc2535	scope:	lt	version:	cxtzj.076.294	Trust: 1.0
vendor:	lexmark	model:	cs923	scope:	lt	version:	cstmh.076.294	Trust: 1.0
vendor:	lexmark	model:	c734	scope:	lt	version:	lr.sk.p835	Trust: 1.0
vendor:	lexmark	model:	e46x	scope:	lt	version:	lr.lbh.p835	Trust: 1.0
vendor:	lexmark	model:	mx431	scope:	lt	version:	mxlbd.076.294	Trust: 1.0
vendor:	lexmark	model:	ms825	scope:	lt	version:	msngw.076.294	Trust: 1.0
vendor:	lexmark	model:	cx825	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	cx431	scope:	lt	version:	cxlbn.076.294	Trust: 1.0
vendor:	lexmark	model:	ms517	scope:	lt	version:	lw80.pr2.p210	Trust: 1.0
vendor:	lexmark	model:	cs410	scope:	lt	version:	lw80.vy2.p210	Trust: 1.0
vendor:	lexmark	model:	xc2132	scope:	lt	version:	lw80.gm7.p210	Trust: 1.0
vendor:	lexmark	model:	ms711	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	mx622	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	xs950	scope:	lt	version:	lhs60.tq.p753	Trust: 1.0
vendor:	lexmark	model:	mx717	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	cs748	scope:	lt	version:	lhs60.cm4.p753	Trust: 1.0
vendor:	lexmark	model:	cs820	scope:	lt	version:	cstpp.076.294	Trust: 1.0
vendor:	lexmark	model:	cx920	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	cs517	scope:	lt	version:	lw80.vy4.p210	Trust: 1.0
vendor:	lexmark	model:	mc2425	scope:	lt	version:	cxnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	c3426	scope:	lt	version:	cslbn.076.294	Trust: 1.0
vendor:	lexmark	model:	mb2650	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	ms810de	scope:	lt	version:	lw80.dn4.p210	Trust: 1.0
vendor:	lexmark	model:	xm9155	scope:	lt	version:	lw80.mg.p210	Trust: 1.0
vendor:	lexmark	model:	x954	scope:	lt	version:	lhs60.tq.p753	Trust: 1.0
vendor:	lexmark	model:	xm5365	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	cx923	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	m3150de	scope:	lt	version:	lw80.pr4.p210	Trust: 1.0
vendor:	lexmark	model:	c792	scope:	lt	version:	lhs60.hc.p753	Trust: 1.0
vendor:	lexmark	model:	m1140	scope:	lt	version:	lw80.prl.p210	Trust: 1.0
vendor:	lexmark	model:	mx421	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	c2325	scope:	lt	version:	csnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	xm5170	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	mx6500e	scope:	lt	version:	lw80.jd.p210	Trust: 1.0
vendor:	lexmark	model:	xm1140	scope:	lt	version:	lw80.sb4.p210	Trust: 1.0
vendor:	lexmark	model:	m1140\+	scope:	lt	version:	lw80.pr2.p210	Trust: 1.0
vendor:	lexmark	model:	mx822	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	ms823	scope:	lt	version:	msngw.076.294	Trust: 1.0
vendor:	lexmark	model:	xc2130	scope:	lt	version:	lw80.gm4.p210	Trust: 1.0
vendor:	lexmark	model:	ms431	scope:	lt	version:	mslbd.076.294	Trust: 1.0
vendor:	lexmark	model:	m1342	scope:	lt	version:	mslbd.076.294	Trust: 1.0
vendor:	lexmark	model:	cx317	scope:	lt	version:	lw80.gm2.p210	Trust: 1.0
vendor:	lexmark	model:	x746	scope:	lt	version:	lhs60.ny.p753	Trust: 1.0
vendor:	lexmark	model:	c746	scope:	lt	version:	lhs60.cm2.p753	Trust: 1.0
vendor:	lexmark	model:	mb2770	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	xm1242	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	m1246	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	ms410	scope:	lt	version:	lw80.prl.p210	Trust: 1.0
vendor:	lexmark	model:	mx521	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	ms315	scope:	lt	version:	lw80.tl2.p210	Trust: 1.0
vendor:	lexmark	model:	m3150dn	scope:	lt	version:	lw80.pr2.p210	Trust: 1.0
vendor:	lexmark	model:	ms811	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	xm9145	scope:	lt	version:	lw80.mg.p210	Trust: 1.0
vendor:	lexmark	model:	xm1246	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	xm7370	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	cx725	scope:	lt	version:	cxtat.076.294	Trust: 1.0
vendor:	lexmark	model:	cs417	scope:	lt	version:	lw80.vy2.p210	Trust: 1.0
vendor:	lexmark	model:	x952	scope:	lt	version:	lhs60.tq.p753	Trust: 1.0
vendor:	lexmark	model:	xc2235	scope:	lt	version:	cxtzj.076.294	Trust: 1.0
vendor:	lexmark	model:	xm5263	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	xm9165	scope:	lt	version:	lw80.mg.p210	Trust: 1.0
vendor:	lexmark	model:	ms610de	scope:	lt	version:	lw80.pr4.p210	Trust: 1.0
vendor:	lexmark	model:	xs795	scope:	lt	version:	lhs60.mr.p753	Trust: 1.0
vendor:	lexmark	model:	6500e	scope:	lt	version:	lhs60.jr.p753	Trust: 1.0
vendor:	lexmark	model:	mx317	scope:	lt	version:	lw80.sb2.p210	Trust: 1.0
vendor:	lexmark	model:	cx522	scope:	lt	version:	cxtzj.076.294	Trust: 1.0
vendor:	lexmark	model:	mx911	scope:	lt	version:	lw80.mg.p210	Trust: 1.0
vendor:	lexmark	model:	cx625	scope:	lt	version:	cxtzj.076.294	Trust: 1.0
vendor:	lexmark	model:	mx611	scope:	lt	version:	lw80.sb7.p210	Trust: 1.0
vendor:	lexmark	model:	xm7355	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	cs310	scope:	lt	version:	lw80.vyl.p210	Trust: 1.0
vendor:	lexmark	model:	xm7270	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	mx610	scope:	lt	version:	lw80.sb7.p210	Trust: 1.0
vendor:	lexmark	model:	xs925	scope:	lt	version:	lhs60.hk.p753	Trust: 1.0
vendor:	lexmark	model:	c9235	scope:	lt	version:	cstmh.076.294	Trust: 1.0
vendor:	lexmark	model:	c6160	scope:	lt	version:	cstpp.076.294	Trust: 1.0
vendor:	lexmark	model:	cx820	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	ms417	scope:	lt	version:	lw80.tl2.p210	Trust: 1.0
vendor:	lexmark	model:	m5270	scope:	lt	version:	mstgw.076.294	Trust: 1.0
vendor:	lexmark	model:	mx710	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	c2132	scope:	lt	version:	lw80.vy4.p210	Trust: 1.0
vendor:	lexmark	model:	ms317	scope:	lt	version:	lw80.prl.p210	Trust: 1.0
vendor:	lexmark	model:	mx310	scope:	lt	version:	lw80.sb2.p210	Trust: 1.0
vendor:	lexmark	model:	ms521	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	xc6153	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	m5170	scope:	lt	version:	lw80.dn7.p210	Trust: 1.0
vendor:	lexmark	model:	ms817	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	xs796	scope:	lt	version:	lhs60.mr.p753	Trust: 1.0
vendor:	lexmark	model:	xc9225	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	c4150	scope:	lt	version:	cstat.076.294	Trust: 1.0
vendor:	lexmark	model:	cs622	scope:	lt	version:	cstzj.076.294	Trust: 1.0
vendor:	lexmark	model:	c3326	scope:	lt	version:	cslbl.076.294	Trust: 1.0
vendor:	lexmark	model:	xm1342	scope:	lt	version:	mslbd.076.294	Trust: 1.0
vendor:	lexmark	model:	xc9245	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	xs548	scope:	lt	version:	lhs60.vk.p753	Trust: 1.0
vendor:	lexmark	model:	c748	scope:	lt	version:	lhs60.cm4.p753	Trust: 1.0
vendor:	lexmark	model:	xs798	scope:	lt	version:	lhs60.mr.p753	Trust: 1.0
vendor:	lexmark	model:	m1242	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	m5163de	scope:	lt	version:	lw80.dn4.p210	Trust: 1.0
vendor:	lexmark	model:	w850	scope:	lt	version:	lp.jb.p834	Trust: 1.0
vendor:	lexmark	model:	cs727	scope:	lt	version:	cstat.076.294	Trust: 1.0
vendor:	lexmark	model:	c925	scope:	lt	version:	lhs60.hv.p753	Trust: 1.0
vendor:	lexmark	model:	xc8160	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	x748	scope:	lt	version:	lhs60.ny.p753	Trust: 1.0
vendor:	lexmark	model:	mb2546	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	ms621	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	cx924	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	xc8163	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	ms818	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	b2338	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	mx910	scope:	lt	version:	lw80.mg.p210	Trust: 1.0
vendor:	lexmark	model:	cx410	scope:	lt	version:	lw80.gm4.p210	Trust: 1.0
vendor:	lexmark	model:	xc4140	scope:	lt	version:	cxtat.076.294	Trust: 1.0
vendor:	lexmark	model:	x65x	scope:	lt	version:	lr.mn.p835	Trust: 1.0
vendor:	lexmark	model:	mc3426	scope:	lt	version:	cxlbn.076.294	Trust: 1.0
vendor:	lexmark	model:	cs725	scope:	lt	version:	cstat.076.294	Trust: 1.0
vendor:	lexmark	model:	cs317	scope:	lt	version:	lw80.vyl.p210	Trust: 1.0
vendor:	lexmark	model:	cx310	scope:	lt	version:	lw80.gm2.p210	Trust: 1.0
vendor:	lexmark	model:	ms710	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	ms321	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	cs796	scope:	lt	version:	lhs60.hc.p753	Trust: 1.0
vendor:	lexmark	model:	ms826	scope:	lt	version:	mstgw.076.294	Trust: 1.0
vendor:	lexmark	model:	xc6152	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	ms510	scope:	lt	version:	lw80.pr2.p210	Trust: 1.0
vendor:	lexmark	model:	m3250	scope:	lt	version:	mstgm.076.294	Trust: 1.0
vendor:	lexmark	model:	cs728	scope:	lt	version:	cstat.076.294	Trust: 1.0
vendor:	lexmark	model:	mx517	scope:	lt	version:	lw80.sb4.p210	Trust: 1.0
vendor:	lexmark	model:	m1145	scope:	lt	version:	lw80.pr2.p210	Trust: 1.0
vendor:	lexmark	model:	cs439	scope:	lt	version:	cslbn.076.294	Trust: 1.0
vendor:	lexmark	model:	mc3224	scope:	lt	version:	cxlbl.076.294	Trust: 1.0
vendor:	lexmark	model:	mx511	scope:	lt	version:	lw80.sb4.p210	Trust: 1.0
vendor:	lexmark	model:	cs827	scope:	lt	version:	cstpp.076.294	Trust: 1.0
vendor:	lexmark	model:	ms822	scope:	lt	version:	mstgw.076.294	Trust: 1.0
vendor:	lexmark	model:	cx922	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	xc9235	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	c2535	scope:	lt	version:	csnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	x73x	scope:	lt	version:	lr.fl.p835	Trust: 1.0
vendor:	lexmark	model:	c736	scope:	lt	version:	lr.ske.p835	Trust: 1.0
vendor:	lexmark	model:	ms421	scope:	lt	version:	msngm.076.294	Trust: 1.0
vendor:	lexmark	model:	xm7155	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	x950	scope:	lt	version:	lhs60.tq.p753	Trust: 1.0
vendor:	lexmark	model:	ms725	scope:	lt	version:	msngw.076.294	Trust: 1.0
vendor:	lexmark	model:	cs827	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	cs521	scope:	lt	version:	csnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	xc9255	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	mx617	scope:	lt	version:	lw80.sb7.p210	Trust: 1.0
vendor:	lexmark	model:	ms812dn	scope:	lt	version:	lw80.dn2.p210	Trust: 1.0
vendor:	lexmark	model:	ms821	scope:	lt	version:	msngw.076.294	Trust: 1.0
vendor:	lexmark	model:	mx522	scope:	lt	version:	mxtgm.076.294	Trust: 1.0
vendor:	lexmark	model:	cs927	scope:	lt	version:	cstmh.076.294	Trust: 1.0
vendor:	lexmark	model:	mx711	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	x46x	scope:	lt	version:	lr.bs.p835	Trust: 1.0
vendor:	lexmark	model:	ms331	scope:	lt	version:	mslbd.076.294	Trust: 1.0
vendor:	lexmark	model:	xc8155	scope:	lt	version:	cxtpp.076.294	Trust: 1.0
vendor:	lexmark	model:	cs921	scope:	lt	version:	cstmh.076.294	Trust: 1.0
vendor:	lexmark	model:	mx812	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	ms622	scope:	lt	version:	mstgm.076.294	Trust: 1.0
vendor:	lexmark	model:	xc4153	scope:	lt	version:	cxtat.076.294	Trust: 1.0
vendor:	lexmark	model:	mx510	scope:	lt	version:	lw80.sb4.p210	Trust: 1.0
vendor:	lexmark	model:	xm7263	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	cx921	scope:	lt	version:	cxtmh.076.294	Trust: 1.0
vendor:	lexmark	model:	cs510	scope:	lt	version:	lw80.vy4.p210	Trust: 1.0
vendor:	lexmark	model:	xm5270	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	xm5163	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	mc3326	scope:	lt	version:	cxlbl.076.294	Trust: 1.0
vendor:	lexmark	model:	xm1135	scope:	lt	version:	lw80.sb2.p210	Trust: 1.0
vendor:	lexmark	model:	mx331	scope:	lt	version:	mxlbd.076.294	Trust: 1.0
vendor:	lexmark	model:	ms312	scope:	lt	version:	lw80.prl.p210	Trust: 1.0
vendor:	lexmark	model:	mx417	scope:	lt	version:	lw80.sb4.p210	Trust: 1.0
vendor:	lexmark	model:	mx321	scope:	lt	version:	mxngm.076.294	Trust: 1.0
vendor:	lexmark	model:	x792	scope:	lt	version:	lhs60.mr.p753	Trust: 1.0
vendor:	lexmark	model:	x86x	scope:	lt	version:	lp.sp.p834	Trust: 1.0
vendor:	lexmark	model:	cx517	scope:	lt	version:	lw80.gm7.p210	Trust: 1.0
vendor:	lexmark	model:	ms310	scope:	lt	version:	lw80.prl.p210	Trust: 1.0
vendor:	lexmark	model:	c3224	scope:	lt	version:	cslbl.076.294	Trust: 1.0
vendor:	lexmark	model:	xs748	scope:	lt	version:	lhs60.ny.p753	Trust: 1.0
vendor:	lexmark	model:	mx912	scope:	lt	version:	lw80.mg.p210	Trust: 1.0
vendor:	lexmark	model:	ms617	scope:	lt	version:	lw80.pr2.p210	Trust: 1.0
vendor:	lexmark	model:	x548	scope:	lt	version:	lhs60.vk.p753	Trust: 1.0
vendor:	lexmark	model:	mb3442	scope:	lt	version:	mxlbd.076.294	Trust: 1.0
vendor:	lexmark	model:	mx721	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	x925	scope:	lt	version:	lhs60.hk.p753	Trust: 1.0
vendor:	lexmark	model:	xm1145	scope:	lt	version:	lw80.sb4.p210	Trust: 1.0
vendor:	lexmark	model:	c2326	scope:	lt	version:	cslbn.076.294	Trust: 1.0
vendor:	lexmark	model:	t65x	scope:	lt	version:	lr.jp.p835	Trust: 1.0
vendor:	lexmark	model:	mc2640	scope:	lt	version:	cxtzj.076.294	Trust: 1.0
vendor:	lexmark	model:	ms415	scope:	lt	version:	lw80.tl2.p210	Trust: 1.0
vendor:	lexmark	model:	b3442	scope:	lt	version:	mslbd.076.294	Trust: 1.0
vendor:	lexmark	model:	xc4240	scope:	lt	version:	cxtzj.076.294	Trust: 1.0
vendor:	lexmark	model:	mx826	scope:	lt	version:	mxtgw.076.294	Trust: 1.0
vendor:	lexmark	model:	cs421	scope:	lt	version:	csnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	xm7163	scope:	lt	version:	lw80.tu.p210	Trust: 1.0
vendor:	lexmark	model:	c2425	scope:	lt	version:	csnzj.076.294	Trust: 1.0
vendor:	lexmark	model:	b2236	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	mx431	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	mb2236	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	xm1342	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	mx331	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	ms331	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	ms431	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	b3340	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	b3442	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	m1342	scope:	-	version:	-	Trust: 0.8
vendor:	lexmark	model:	lexmark	scope:	-	version:	-	Trust: 0.6

sources: ZDI: ZDI-22-382 // ZDI: ZDI-22-328 // ZDI: ZDI-22-327 // CNVD: CNVD-2022-08178 // JVNDB: JVNDB-2022-003884 // NVD: CVE-2021-44738

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2021-44738
value:	HIGH
Trust: 2.1
nvd@nist.gov:	CVE-2021-44738
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2021-44738
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2022-08178
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202201-1804
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2021-44738
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-08178
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

ZDI:	CVE-2021-44738
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.4
nvd@nist.gov:	CVE-2021-44738
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-44738
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2021-44738
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	5.2
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-22-382 // ZDI: ZDI-22-328 // ZDI: ZDI-22-327 // CNVD: CNVD-2022-08178 // JVNDB: JVNDB-2022-003884 // CNNVD: CNNVD-202201-1804 // NVD: CVE-2021-44738

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-003884 // NVD: CVE-2021-44738

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-1804

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202201-1804

PATCH

title:	Lexmark has issued an update to correct this vulnerability.	url:	https://publications.lexmark.com/publications/security-alerts/CVE-2021-44738.pdf	Trust: 2.1
title:	Lexmark Security Advisories	url:	https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html	Trust: 0.8
title:	Patch for Lexmark Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/317096	Trust: 0.6
title:	Lexmark Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=179571	Trust: 0.6

sources: ZDI: ZDI-22-382 // ZDI: ZDI-22-328 // ZDI: ZDI-22-327 // CNVD: CNVD-2022-08178 // JVNDB: JVNDB-2022-003884 // CNNVD: CNNVD-202201-1804

EXTERNAL IDS

db:	NVD	id:	CVE-2021-44738	Trust: 5.9
db:	ZDI	id:	ZDI-22-382	Trust: 3.1
db:	ZDI	id:	ZDI-22-328	Trust: 3.1
db:	ZDI	id:	ZDI-22-327	Trust: 3.1
db:	JVNDB	id:	JVNDB-2022-003884	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-15982	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-15924	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-15925	Trust: 0.7
db:	CNVD	id:	CNVD-2022-08178	Trust: 0.6
db:	CNNVD	id:	CNNVD-202201-1804	Trust: 0.6

sources: ZDI: ZDI-22-382 // ZDI: ZDI-22-328 // ZDI: ZDI-22-327 // CNVD: CNVD-2022-08178 // JVNDB: JVNDB-2022-003884 // CNNVD: CNNVD-202201-1804 // NVD: CVE-2021-44738

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-22-327/	Trust: 3.0
url:	https://www.zerodayinitiative.com/advisories/zdi-22-382/	Trust: 3.0
url:	https://www.zerodayinitiative.com/advisories/zdi-22-328/	Trust: 2.4
url:	https://publications.lexmark.com/publications/security-alerts/cve-2021-44738.pdf	Trust: 2.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-44738	Trust: 2.0
url:	https://support.lexmark.com/alerts/	Trust: 1.6

sources: ZDI: ZDI-22-382 // ZDI: ZDI-22-328 // ZDI: ZDI-22-327 // CNVD: CNVD-2022-08178 // JVNDB: JVNDB-2022-003884 // CNNVD: CNNVD-202201-1804 // NVD: CVE-2021-44738

CREDITS

Christopher Anastasio @mufinnnnnnn

Trust: 1.4

sources: ZDI: ZDI-22-328 // ZDI: ZDI-22-327

SOURCES

db:	ZDI	id:	ZDI-22-382
db:	ZDI	id:	ZDI-22-328
db:	ZDI	id:	ZDI-22-327
db:	CNVD	id:	CNVD-2022-08178
db:	JVNDB	id:	JVNDB-2022-003884
db:	CNNVD	id:	CNNVD-202201-1804
db:	NVD	id:	CVE-2021-44738

LAST UPDATE DATE

2024-11-23T22:44:06.372000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-382	date:	2022-02-18T00:00:00
db:	ZDI	id:	ZDI-22-328	date:	2022-02-15T00:00:00
db:	ZDI	id:	ZDI-22-327	date:	2022-02-15T00:00:00
db:	CNVD	id:	CNVD-2022-08178	date:	2022-02-02T00:00:00
db:	JVNDB	id:	JVNDB-2022-003884	date:	2023-03-10T03:23:00
db:	CNNVD	id:	CNNVD-202201-1804	date:	2022-03-10T00:00:00
db:	NVD	id:	CVE-2021-44738	date:	2024-11-21T06:31:29.940

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-382	date:	2022-02-18T00:00:00
db:	ZDI	id:	ZDI-22-328	date:	2022-02-15T00:00:00
db:	ZDI	id:	ZDI-22-327	date:	2022-02-15T00:00:00
db:	CNVD	id:	CNVD-2022-08178	date:	2022-02-02T00:00:00
db:	JVNDB	id:	JVNDB-2022-003884	date:	2023-03-10T00:00:00
db:	CNNVD	id:	CNNVD-202201-1804	date:	2022-01-20T00:00:00
db:	NVD	id:	CVE-2021-44738	date:	2022-01-20T16:15:07.507