CVE-2022-29850
HIGHLexmark Multiple Models Firmware Persistence Across Reboots via Compromised Device
Title source: llmDescription
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
https://support.lexmark.com/alerts/
Vendor Advisory x_refsource_misc
https://publications.lexmark.com/publications/security-alerts/CVE-2022-29850.pdf
Vendor Advisory x_refsource_misc
https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html
Scores
CVSS v3
8.1
EPSS
0.0081
EPSS Percentile
52.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
CWE-668
Status
published
Products (50)
lexmark/b2236_firmware
< mslsg.081.014
lexmark/b2338_firmware
< msngm.081.014
lexmark/b2442_firmware
< msngm.081.014
lexmark/b2546_firmware
< msngm.081.014
lexmark/b2650_firmware
< msngm.081.014
lexmark/b2865_firmware
< msngw.081.014
lexmark/b3340_firmware
< mslbd.081.014
lexmark/b3442_firmware
< mslbd.081.014
lexmark/c2240_firmware
< cstzj.081.014
lexmark/c2325_firmware
< csnzj.081.014
... and 40 more
Published
Aug 26, 2022
Tracked Since
Feb 18, 2026