CVE-2021-35449

HIGH

Lexmark Universal Print Driver <2.15.1.0 - Privilege Escalation

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-35449. PoCs published by Jacob Baines, Shelby Pace, Grant Willcox, including Metasploit module exploits/windows/local/lexmark_driver_privesc.

AI-analyzed exploit summary: This Metasploit module exploits a privilege escalation vulnerability in Lexmark Universal Printer drivers by modifying a GDL file to load a malicious DLL, which is then executed by PrintIsolationHost.exe as SYSTEM.

Description

The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low-privileged user can use the driver to execute a DLL of their choosing during the add printer process, resulting in escalation of privileges to SYSTEM.

Exploits (1)

metasploit · WORKING POC · NORMAL
by Jacob Baines, Shelby Pace, Grant Willcox · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/lexmark_driver_privesc.rb

Classification: Working PoC 100%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Lexmark Universal Printer drivers (Lexmark Universal v2, Lexmark Universal v2 XL, Lexmark Printer Software G2, Lexmark Printer Software G2 XL)
Auth required
Prerequisites: Low-privileged authenticated access to a Windows system with vulnerable Lexmark drivers installed · Meterpreter session
devstral-2 · analyzed Feb 19, 2026

References (3)

Core References
Vendor Advisory (x_refsource_misc): http://support.lexmark.com/alerts/
Exploit, Third Party Advisory, VDB Entry (x_refsource_misc): http://packetstormsecurity.com/files/163811/Lexmark-Driver-Privilege-Escalation.html

Scores

CVSS v3: 7.8
EPSS: 0.0141
EPSS Percentile: 69.2%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-732
Status: published
Products (4):
lexmark/g2_driver < 2.7.1.0
lexmark/g3_driver < 3.2.0.0
lexmark/g4_driver < 4.2.1.0
lexmark/universal_print_driver < 2.15.1.0
Published: Jul 19, 2021
Tracked Since: Feb 18, 2026