CVE-2024-11345

Summary

A heap-based memory vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTLS.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTLS.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSNSN.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSTSN.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXTSN.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSNGV.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTGV.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTGV.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTPC.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTPC.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXTCT.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXTPM.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTMM.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTMM.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSLSG.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXLSG.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSLBD.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXLBD.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSNGM.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSTGM.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXNGM.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXTGM.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSNGW.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MSTGW.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= MXTGW.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSLBN.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSLBL.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXLBN.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXLBL.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTZJ.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSNZJ.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTZJ.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXNZJ.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTPP.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTPP.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTAT.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTAT.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CSTMH.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= CXTMH.230.341affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.TL2.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.PR2.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.PR4.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.SB4.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.SB7.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.DN2.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.DN4.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.DN7.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.TU.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.SA.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.MG.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.GM7.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW90.GM4.P215affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW80.PRL.P257affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW80.SB2.P257affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW80.VYL.P257affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW80.VY2.P257affected
Lexmark InternationalCX, XC, CS, MS, MX, XM, et. al.0 <= LW80.GM2P257affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References