CVE-2025-65081

Summary

An out-of-bounds read vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Affected Software

VendorProductVersion RangeStatus
LexmarkMXTCT, MSNGM, MSTGM, MXNGM, MXTGM, CSNGV, CSTGV, CXTGV, MSNGW, MSTGW, MXTGW, CSTLS, CXTLS, MXTLS, CSTMM, CXTMM, CSTPC, CXTPC, MXTPM, MSNSN, MSTSN, MXTSN, CSNZJ, CSTZJ, CXNZJ, CXTZJ0 < 250.210affected
LexmarkCSTAT, CXTAT, MSLBD, MXLBD, CSLBL, CXLBL, CSLBN, CXLBN, CSTMH, CXTMH, CSTPP, CXTPP, MSLSG, MXLSG0 < 230.506affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

Workarounds

Lexmark recommends a firmware update if your device has affected firmware.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References