CVE-2018-15520

Various Lexmark devices have a Buffer Overflow (issue 2 of 2).

Published: Jun 28, 2019
Updated: Apr 13, 2023
CVE: CVE-2018-15520
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
lexmark / cx82x_firmware	-	cxtpp.052.024.x
lexmark / cx82x_firmware	cxtpp.052.200	cxtpp.052.204.x
lexmark / cx860_firmware	-	cxtpp.052.024.x
lexmark / cx860_firmware	cxtpp.052.200	cxtpp.052.204.x
lexmark / xc6152_firmware	-	cxtpp.052.024.x
lexmark / xc6152_firmware	cxtpp.052.200	cxtpp.052.204.x
lexmark / xc8155_firmware	-	cxtpp.052.024.x
lexmark / xc8155_firmware	cxtpp.052.200	cxtpp.052.204.x
lexmark / xc8160_firmware	-	cxtpp.052.024.x
lexmark / xc8160_firmware	cxtpp.052.200	cxtpp.052.204.x
lexmark / cx72x_firmware	-	cxtat.052.024.x
lexmark / cx72x_firmware	cxtat.052.200	cxtat.052.204.x
lexmark / xc41x0_firmware	-	cxtat.052.024.x
lexmark / xc41x0_firmware	cxtat.052.200	cxtat.052.204.x
lexmark / cx92x_firmware	-	cxtmh.052.024.x
lexmark / cx92x_firmware	cxtmh.052.200	cxtmh.052.204.x
lexmark / xc92x5_firmware	-	cxtmh.052.024.x
lexmark / xc92x5_firmware	cxtmh.052.200	cxtmh.052.204.x
lexmark / mx321_firmware	-	mxngm.052.024.x
lexmark / mx321_firmware	mxngm.052.200	mxngm.052.204.x
lexmark / mb2338_firmware	-	mxngm.052.024.x
lexmark / mb2338_firmware	mxngm.052.200	mxngm.052.204.x
lexmark / mx42x_firmware	-	mxtgm.052.024.x
lexmark / mx42x_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / mx52x_firmware	-	mxtgm.052.024.x
lexmark / mx52x_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / mx622_firmware	-	mxtgm.052.024.x
lexmark / mx622_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / mb2442_firmware	-	mxtgm.052.024.x
lexmark / mb2442_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / mb2546_firmware	-	mxtgm.052.024.x
lexmark / mb2546_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / mb2650_firmware	-	mxtgm.052.024.x
lexmark / mb2650_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / xm124x_firmware	-	mxtgm.052.024.x
lexmark / xm124x_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / xm3250_firmware	-	mxtgm.052.024.x
lexmark / xm3250_firmware	mxtgm.052.200	mxtgm.052.204.x
lexmark / mx72x_firmware	-	mxtgw.052.024.x
lexmark / mx72x_firmware	mxtgw.052.200	mxtgw.052.204.x
lexmark / mx82x_firmware	-	mxtgw.052.024.x
lexmark / mx82x_firmware	mxtgw.052.200	mxtgw.052.204.x
lexmark / mb2770_firmware	-	mxtgw.052.024.x
lexmark / mb2770_firmware	mxtgw.052.200	mxtgw.052.204.x
lexmark / xm5370_firmware	-	mxtgw.052.024.x
lexmark / xm5370_firmware	mxtgw.052.200	mxtgw.052.204.x
lexmark / xm7355_firmware	-	mxtgw.052.024.x
lexmark / xm7355_firmware	mxtgw.052.200	mxtgw.052.204.x
lexmark / xm7370_firmware	-	mxtgw.052.024.x
lexmark / xm7370_firmware	mxtgw.052.200	mxtgw.052.204.x
lexmark / cx421_firmware	-	cxnzj.052.024.x
lexmark / cx421_firmware	cxnzj.052.200	cxnzj.052.204.x
lexmark / mc2325_firmware	-	cxnzj.052.024.x
lexmark / mc2325_firmware	cxnzj.052.200	cxnzj.052.204.x
lexmark / mc2425_firmware	-	cxnzj.052.024.x
lexmark / mc2425_firmware	cxnzj.052.200	cxnzj.052.204.x
lexmark / cx522_firmware	-	cxtzj.052.024.x
lexmark / cx522_firmware	cxtzj.052.200	cxtzj.052.204.x
lexmark / cx62x_firmware	-	cxtzj.052.024.x
lexmark / cx62x_firmware	cxtzj.052.200	cxtzj.052.204.x
lexmark / mc2535_firmware	-	cxtzj.052.024.x
lexmark / mc2535_firmware	cxtzj.052.200	cxtzj.052.204.x
lexmark / mc2640_firmware	-	cxtzj.052.024.x
lexmark / mc2640_firmware	cxtzj.052.200	cxtzj.052.204.x
lexmark / xc2235_firmware	-	cxtzj.052.024.x
lexmark / xc2235_firmware	cxtzj.052.200	cxtzj.052.204.x
lexmark / xc4240_firmware	-	cxtzj.052.024.x
lexmark / xc4240_firmware	cxtzj.052.200	cxtzj.052.204.x

http://support.lexmark.com/index?page=content&id=TE892

Vulnerability Database

290,273

CVE-2018-15520