CVE-2025-1127
9.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user and/or modify the contents of any data on the filesystem.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTLS.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXTLS.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTLS.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSNSN.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSTSN.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXTSN.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSNGV.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTGV.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTGV.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTPC.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTPC.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXTCT.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXTPM.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTMM.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTMM.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSNGM.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSTGM.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXNGM.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXTGM.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSNGW.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSTGW.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXTGW.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTZJ.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSNZJ.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTZJ.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXNZJ.240.205 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSLSG.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXLSG.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MSLBD.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= MXLBD.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSLBN.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSLBL.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXLBN.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXLBL.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTPP.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTPP.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTAT.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTAT.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CSTMH.240.407 | affected |
| Lexmark | CX, XC, CS, MS, MX, XM, et. al. | 0 <= CXTMH.240.407 | affected |
Weaknesses
- CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-362: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.