Vulnerability-Lookup

CVE-2023-50739 (GCVE-0-2023-50739)

Vulnerability from cvelistv5 – Published: 2025-01-17 23:47 – Updated: 2025-01-22 14:23

Title

A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices.

Summary

A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

Lexmark

References

1 reference

URL	Tags
https://www.lexmark.com/en_us/solutions/security/…

Impacted products

1 product

Vendor	Product	Version
Lexmark	Printer Firmware	Affected: 0 , ≤ 230.209 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-50739",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-22T14:22:31.707775Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-22T14:23:31.226Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Printer Firmware",
          "vendor": "Lexmark",
          "versions": [
            {
              "lessThanOrEqual": "230.209",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A\u0026nbsp;buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark\u0026nbsp;devices. The vulnerability can be leveraged by an attacker to execute arbitrary code."
            }
          ],
          "value": "A\u00a0buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark\u00a0devices. The vulnerability can be leveraged by an attacker to execute arbitrary code."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Successful exploitation of this vulnerability can lead to an attacker being able to remotely execute arbitrary code on a device."
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-17T23:47:13.923Z",
        "orgId": "7bc73191-a2b6-4c63-9918-753964601853",
        "shortName": "Lexmark"
      },
      "references": [
        {
          "url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices.",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7bc73191-a2b6-4c63-9918-753964601853",
    "assignerShortName": "Lexmark",
    "cveId": "CVE-2023-50739",
    "datePublished": "2025-01-17T23:47:13.923Z",
    "dateReserved": "2023-12-11T20:00:38.337Z",
    "dateUpdated": "2025-01-22T14:23:31.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-50739",
      "date": "2026-05-27",
      "epss": "0.00081",
      "percentile": "0.23687"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-50739\",\"sourceIdentifier\":\"7bc73191-a2b6-4c63-9918-753964601853\",\"published\":\"2025-01-18T00:15:25.600\",\"lastModified\":\"2025-01-18T00:15:25.600\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A\u00a0buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark\u00a0devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad de desbordamiento de b\u00fafer en el Protocolo de impresi\u00f3n de Internet (IPP) en varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"7bc73191-a2b6-4c63-9918-753964601853\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"7bc73191-a2b6-4c63-9918-753964601853\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"references\":[{\"url\":\"https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html\",\"source\":\"7bc73191-a2b6-4c63-9918-753964601853\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-50739\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-22T14:22:31.707775Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-22T14:22:20.134Z\"}}], \"cna\": {\"title\": \"A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices.\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Successful exploitation of this vulnerability can lead to an attacker being able to remotely execute arbitrary code on a device.\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Lexmark\", \"product\": \"Printer Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"230.209\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A\\u00a0buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark\\u00a0devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A\u0026nbsp;buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark\u0026nbsp;devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122 Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"7bc73191-a2b6-4c63-9918-753964601853\", \"shortName\": \"Lexmark\", \"dateUpdated\": \"2025-01-17T23:47:13.923Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-50739\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-22T14:23:31.226Z\", \"dateReserved\": \"2023-12-11T20:00:38.337Z\", \"assignerOrgId\": \"7bc73191-a2b6-4c63-9918-753964601853\", \"datePublished\": \"2025-01-17T23:47:13.923Z\", \"assignerShortName\": \"Lexmark\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-50739

Vulnerability from fkie_nvd - Published: 2025-01-18 00:15 - Updated: 2026-04-15 00:35

Severity

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

References

	URL	Tags
	7bc73191-a2b6-4c63-9918-753964601853	https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A\u00a0buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark\u00a0devices. The vulnerability can be leveraged by an attacker to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad de desbordamiento de b\u00fafer en el Protocolo de impresi\u00f3n de Internet (IPP) en varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2023-50739",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "7bc73191-a2b6-4c63-9918-753964601853",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-18T00:15:25.600",
  "references": [
    {
      "source": "7bc73191-a2b6-4c63-9918-753964601853",
      "url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
    }
  ],
  "sourceIdentifier": "7bc73191-a2b6-4c63-9918-753964601853",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "7bc73191-a2b6-4c63-9918-753964601853",
      "type": "Secondary"
    }
  ]
}

GHSA-VG87-MH5W-4J7P

Vulnerability from github – Published: 2025-01-18 00:30 – Updated: 2025-01-18 00:30

Details

A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

Severity

8.8 (High)


                  
                    CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-50739"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-122"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-18T00:15:25Z",
    "severity": "HIGH"
  },
  "details": "A\u00a0buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark\u00a0devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.",
  "id": "GHSA-vg87-mh5w-4j7p",
  "modified": "2025-01-18T00:30:48Z",
  "published": "2025-01-18T00:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50739"
    },
    {
      "type": "WEB",
      "url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2023-50739

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2023-50739

Aliases

CVE-2023-50739

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-50739",
    "id": "GSD-2023-50739"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-50739"
      ],
      "id": "GSD-2023-50739",
      "modified": "2023-12-13T01:20:31.383908Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2023-50739",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

WID-SEC-W-2024-0783

Vulnerability from csaf_certbund - Published: 2024-04-03 22:00 - Updated: 2024-04-03 22:00

Summary

Lexmark Multifunction Printer: Mehrere Schwachstellen ermöglichen Codeausführung

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Lexmark ist ein Hersteller von Druckern und Druckerzubehör.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Lexmark Multifunction Printer ausnutzen, um beliebigen Programmcode auszuführen.

Betroffene Betriebssysteme: - BIOS/Firmware

CVE-2023-50733

Es besteht eine Schwachstelle in Lexmark Multifunktionsdruckern. Diese Schwachstelle besteht in der Web Services-Funktion aufgrund einer Server-Side Request Forgery (SSRF) Anfälligkeit. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Lexmark Multifunction Printer Lexmark	`cpe:/h:lexmark:multifunction_printer:-`	—

CVE-2023-50738

Es besteht eine Schwachstelle in Lexmark Multifunktionsdruckern. Dieser Fehler besteht aufgrund einer unsachgemäßen Verteidigung der Funktion zur Verhinderung eines Firmware-Downgrades. Ein privilegierter Angreifer im angrenzenden Netzbereich kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Lexmark Multifunction Printer Lexmark	`cpe:/h:lexmark:multifunction_printer:-`	—

CVE-2023-50739

Es besteht eine Schwachstelle in Lexmark Multifunktionsdruckern. Dieser Fehler besteht im Internet Printing Protocol (IPP) aufgrund eines Pufferüberlaufproblems. Ein anonymer Angreifer im angrenzenden Netzbereich kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Lexmark Multifunction Printer Lexmark	`cpe:/h:lexmark:multifunction_printer:-`	—

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://publications.lexmark.com/publications/sec…	external
https://publications.lexmark.com/publications/sec…	external
https://publications.lexmark.com/publications/sec…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Lexmark ist ein Hersteller von Druckern und Druckerzubeh\u00f6r.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Lexmark Multifunction Printer ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0783 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0783.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0783 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0783"
      },
      {
        "category": "external",
        "summary": "Lexmark Security Advisory CVE-2023-50733 vom 2024-04-03",
        "url": "https://publications.lexmark.com/publications/security-alerts/CVE-2023-50733.pdf"
      },
      {
        "category": "external",
        "summary": "Lexmark Security Advisory CVE-2023-50738 vom 2024-04-03",
        "url": "https://publications.lexmark.com/publications/security-alerts/CVE-2023-50738.pdf"
      },
      {
        "category": "external",
        "summary": "Lexmark Security Advisory CVE-2023-50739 vom 2024-04-03",
        "url": "https://publications.lexmark.com/publications/security-alerts/CVE-2023-50739.pdf"
      }
    ],
    "source_lang": "en-US",
    "title": "Lexmark Multifunction Printer: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung",
    "tracking": {
      "current_release_date": "2024-04-03T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:07:14.438+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0783",
      "initial_release_date": "2024-04-03T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-03T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lexmark Multifunction Printer",
            "product": {
              "name": "Lexmark Multifunction Printer",
              "product_id": "T033887",
              "product_identification_helper": {
                "cpe": "cpe:/h:lexmark:multifunction_printer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lexmark"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-50733",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Lexmark Multifunktionsdruckern. Diese Schwachstelle besteht in der Web Services-Funktion aufgrund einer Server-Side Request Forgery (SSRF) Anf\u00e4lligkeit. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033887"
        ]
      },
      "release_date": "2024-04-03T22:00:00.000+00:00",
      "title": "CVE-2023-50733"
    },
    {
      "cve": "CVE-2023-50738",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Lexmark Multifunktionsdruckern. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Verteidigung der Funktion zur Verhinderung eines Firmware-Downgrades. Ein privilegierter Angreifer im angrenzenden Netzbereich kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033887"
        ]
      },
      "release_date": "2024-04-03T22:00:00.000+00:00",
      "title": "CVE-2023-50738"
    },
    {
      "cve": "CVE-2023-50739",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Lexmark Multifunktionsdruckern. Dieser Fehler besteht im Internet Printing Protocol (IPP) aufgrund eines Puffer\u00fcberlaufproblems. Ein anonymer Angreifer im angrenzenden Netzbereich kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033887"
        ]
      },
      "release_date": "2024-04-03T22:00:00.000+00:00",
      "title": "CVE-2023-50739"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-50739 (GCVE-0-2023-50739)

FKIE_CVE-2023-50739

GHSA-VG87-MH5W-4J7P

GSD-2023-50739

WID-SEC-W-2024-0783

Tags

Sightings

Nomenclature