CVE-2016-3145

MEDIUM

Lexmark Printer Firmware < ATL.021.063 Sensitive Information Exposure

Title source: llm
STIX 2.1

Description

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://support.lexmark.com/index?page=content&id=TE760

Scores

CVSS v3 4.6
EPSS 0.0035
EPSS Percentile 26.7%
Attack Vector PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
lexmark/printer_firmware pp - pp.021.062
Published Apr 22, 2016
Tracked Since Feb 18, 2026