CVE-2022-3429

Summary

A denial-of-service vulnerability was found in the firmware used in Lenovo printers, where users send illegal or malformed strings to an open port, triggering a denial of service that causes a display error and prevents the printer from functioning properly.

Affected Software

VendorProductVersion RangeStatus
LenovoPrinter GM265DN (production date June 2022 and before)< 01.00.20Naffected
LenovoPrinter GM265DN (production date July 2022 and later)< 01.17.00.03.00affected
LenovoPrinter GM266DNS< 02.06.00.04.00affected
LenovoPrinter G263DNS< 02.06.00.04.00affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References