CVE-2023-26068 - Vulnerability Details

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.77712.

Exploitation none

Automatable yes

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:lexmark:cxtpc_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cx930:-:::::::*
	cpe:2.3:h:lexmark:cx931:-:::::::*
	cpe:2.3:h:lexmark:cx942:-:::::::*
	cpe:2.3:h:lexmark:cx943:-:::::::*
	cpe:2.3:h:lexmark:cx944:-:::::::*
	cpe:2.3:h:lexmark:xc9325:-:::::::*
	cpe:2.3:h:lexmark:xc9335:-:::::::*
	cpe:2.3:h:lexmark:xc9445:-:::::::*
	cpe:2.3:h:lexmark:xc9455:-:::::::*
	cpe:2.3:h:lexmark:xc9465:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:lexmark:cstpc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:cs943:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:lexmark:mxtct_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:mx432:-:::::::*
	cpe:2.3:h:lexmark:xm3142:-:::::::*

Configuration 4 [-]

AND

cpe:2.3:o:lexmark:mxtpm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx931:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:lexmark:cxtmm_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cx730:-:::::::*
	cpe:2.3:h:lexmark:cx735:-:::::::*
	cpe:2.3:h:lexmark:xc4342:-:::::::*
	cpe:2.3:h:lexmark:xc4352:-:::::::*

Configuration 6 [-]

AND

cpe:2.3:o:lexmark:mslsg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:b2236:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:lexmark:mxlsg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mb2236:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:lexmark:mslbd_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:b3340:-:::::::*
	cpe:2.3:h:lexmark:b3442:-:::::::*
	cpe:2.3:h:lexmark:m1342:-:::::::*
	cpe:2.3:h:lexmark:ms331:-:::::::*
	cpe:2.3:h:lexmark:ms431:-:::::::*
	cpe:2.3:h:lexmark:ms439:-:::::::*

Configuration 9 [-]

AND

cpe:2.3:o:lexmark:mxlbd_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:mb3442:-:::::::*
	cpe:2.3:h:lexmark:mx331:-:::::::*
	cpe:2.3:h:lexmark:mx431:-:::::::*
	cpe:2.3:h:lexmark:xm1342:-:::::::*

Configuration 10 [-]

AND

cpe:2.3:o:lexmark:msngm_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:b2338:-:::::::*
	cpe:2.3:h:lexmark:b2442:-:::::::*
	cpe:2.3:h:lexmark:b2546:-:::::::*
	cpe:2.3:h:lexmark:b2650:-:::::::*
	cpe:2.3:h:lexmark:m1242:-:::::::*
	cpe:2.3:h:lexmark:m1246:-:::::::*
	cpe:2.3:h:lexmark:m3250:-:::::::*
	cpe:2.3:h:lexmark:ms321:-:::::::*
	cpe:2.3:h:lexmark:ms421:-:::::::*
	cpe:2.3:h:lexmark:ms521:-:::::::*
	cpe:2.3:h:lexmark:ms621:-:::::::*
	cpe:2.3:h:lexmark:ms622:-:::::::*

Configuration 11 [-]

AND

cpe:2.3:o:lexmark:mxngm_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:mb2338:-:::::::*
	cpe:2.3:h:lexmark:mx321:-:::::::*

Configuration 12 [-]

AND

cpe:2.3:o:lexmark:mxtgm_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:mb2442:-:::::::*
	cpe:2.3:h:lexmark:mb2546:-:::::::*
	cpe:2.3:h:lexmark:mb2650:-:::::::*
	cpe:2.3:h:lexmark:mx421:-:::::::*
	cpe:2.3:h:lexmark:mx521:-:::::::*
	cpe:2.3:h:lexmark:mx522:-:::::::*
	cpe:2.3:h:lexmark:mx622:-:::::::*
	cpe:2.3:h:lexmark:xm1242:-:::::::*
	cpe:2.3:h:lexmark:xm1246:-:::::::*
	cpe:2.3:h:lexmark:xm3250:-:::::::*

Configuration 13 [-]

AND

cpe:2.3:o:lexmark:msngw_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:b2865:-:::::::*
	cpe:2.3:h:lexmark:ms725:-:::::::*
	cpe:2.3:h:lexmark:ms821:-:::::::*
	cpe:2.3:h:lexmark:ms823:-:::::::*
	cpe:2.3:h:lexmark:ms825:-:::::::*

Configuration 14 [-]

AND

cpe:2.3:o:lexmark:mstgw_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:m5255:-:::::::*
	cpe:2.3:h:lexmark:m5270:-:::::::*
	cpe:2.3:h:lexmark:ms822:-:::::::*
	cpe:2.3:h:lexmark:ms826:-:::::::*

Configuration 15 [-]

AND

cpe:2.3:o:lexmark:mxtgw_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:mb2770:-:::::::*
	cpe:2.3:h:lexmark:mx721:-:::::::*
	cpe:2.3:h:lexmark:mx722:-:::::::*
	cpe:2.3:h:lexmark:mx725:-:::::::*
	cpe:2.3:h:lexmark:mx822:-:::::::*
	cpe:2.3:h:lexmark:mx826:-:::::::*
	cpe:2.3:h:lexmark:xm5365:-:::::::*
	cpe:2.3:h:lexmark:xm5370:-:::::::*
	cpe:2.3:h:lexmark:xm7355:-:::::::*
	cpe:2.3:h:lexmark:xm7370:-:::::::*

Configuration 16 [-]

AND

cpe:2.3:o:lexmark:cslbn_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:c3426:-:::::::*
	cpe:2.3:h:lexmark:cs431:-:::::::*
	cpe:2.3:h:lexmark:cs439:-:::::::*

Configuration 17 [-]

AND

cpe:2.3:o:lexmark:cslbl_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:c3224:-:::::::*
	cpe:2.3:h:lexmark:c3326:-:::::::*
	cpe:2.3:h:lexmark:cs331:-:::::::*

Configuration 18 [-]

AND

cpe:2.3:o:lexmark:cslbn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:c2326:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:lexmark:cxlbn_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cx431:-:::::::*
	cpe:2.3:h:lexmark:mc3426:-:::::::*
	cpe:2.3:h:lexmark:xc2326:-:::::::*

Configuration 20 [-]

AND

cpe:2.3:o:lexmark:cxlbl_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:mc3224:-:::::::*
	cpe:2.3:h:lexmark:mc3326:-:::::::*

Configuration 21 [-]

AND

cpe:2.3:o:lexmark:csnzj_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:c2325:-:::::::*
	cpe:2.3:h:lexmark:c2425:-:::::::*
	cpe:2.3:h:lexmark:c2535:-:::::::*
	cpe:2.3:h:lexmark:cs421:-:::::::*
	cpe:2.3:h:lexmark:cs521:-:::::::*

Configuration 22 [-]

AND

cpe:2.3:o:lexmark:csnzj_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:c2325:-:::::::*
	cpe:2.3:h:lexmark:c2425:-:::::::*
	cpe:2.3:h:lexmark:c2535:-:::::::*
	cpe:2.3:h:lexmark:cs421:-:::::::*
	cpe:2.3:h:lexmark:cs521:-:::::::*

Configuration 23 [-]

AND

cpe:2.3:o:lexmark:cxtzj_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cx522:-:::::::*
	cpe:2.3:h:lexmark:cx622:-:::::::*
	cpe:2.3:h:lexmark:cx625:-:::::::*
	cpe:2.3:h:lexmark:mc2535:-:::::::*
	cpe:2.3:h:lexmark:mc2640:-:::::::*
	cpe:2.3:h:lexmark:xc2235:-:::::::*
	cpe:2.3:h:lexmark:xc4240:-:::::::*

Configuration 24 [-]

AND

cpe:2.3:o:lexmark:cxnzj_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cx421:-:::::::*
	cpe:2.3:h:lexmark:mc2325:-:::::::*
	cpe:2.3:h:lexmark:mc2425:-:::::::*

Configuration 25 [-]

AND

cpe:2.3:o:lexmark:cxtpp_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cx820:-:::::::*
	cpe:2.3:h:lexmark:cx825:-:::::::*
	cpe:2.3:h:lexmark:cx827:-:::::::*
	cpe:2.3:h:lexmark:cx86:-:::::::*
	cpe:2.3:h:lexmark:xc6152:-:::::::*
	cpe:2.3:h:lexmark:xc6153:-:::::::*
	cpe:2.3:h:lexmark:xc8155:-:::::::*
	cpe:2.3:h:lexmark:xc8160:-:::::::*
	cpe:2.3:h:lexmark:xc8163:-:::::::*

Configuration 26 [-]

AND

cpe:2.3:o:lexmark:cxtpp_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:c6160:-:::::::*
	cpe:2.3:h:lexmark:cs820:-:::::::*
	cpe:2.3:h:lexmark:cs827:-:::::::*

Configuration 27 [-]

AND

cpe:2.3:o:lexmark:cstat_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:c4150:-:::::::*
	cpe:2.3:h:lexmark:cs720:-:::::::*
	cpe:2.3:h:lexmark:cs725:-:::::::*
	cpe:2.3:h:lexmark:cs727:-:::::::*
	cpe:2.3:h:lexmark:cs728:-:::::::*

Configuration 28 [-]

AND

cpe:2.3:o:lexmark:cxtat_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cx725:-:::::::*
	cpe:2.3:h:lexmark:cx727:-:::::::*
	cpe:2.3:h:lexmark:xc4140:-:::::::*
	cpe:2.3:h:lexmark:xc4143:-:::::::*
	cpe:2.3:h:lexmark:xc4150:-:::::::*
	cpe:2.3:h:lexmark:xc4153:-:::::::*

Configuration 29 [-]

AND

cpe:2.3:o:lexmark:cstmh_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lexmark:cs921:-:::::::*
	cpe:2.3:h:lexmark:cs923:-:::::::*
	cpe:2.3:h:lexmark:cs927:-:::::::*

No data.

Project Subscriptions

Vendors	Products
Lexmark Subscribe	B2236 Subscribe B2338 Subscribe B2442 Subscribe B2546 Subscribe B2650 Subscribe B2865 Subscribe B3340 Subscribe B3442 Subscribe C2325 Subscribe C2326 Subscribe C2425 Subscribe C2535 Subscribe C3224 Subscribe C3326 Subscribe C3426 Subscribe C4150 Subscribe C6160 Subscribe Cs331 Subscribe Cs421 Subscribe Cs431 Subscribe Cs439 Subscribe Cs521 Subscribe Cs720 Subscribe Cs725 Subscribe Cs727 Subscribe Cs728 Subscribe Cs820 Subscribe Cs827 Subscribe Cs921 Subscribe Cs923 Subscribe Cs927 Subscribe Cs943 Subscribe Cslbl Firmware Subscribe Cslbn Firmware Subscribe Csnzj Firmware Subscribe Cstat Firmware Subscribe Cstmh Firmware Subscribe Cstpc Firmware Subscribe Cx421 Subscribe Cx431 Subscribe Cx522 Subscribe Cx622 Subscribe Cx625 Subscribe Cx725 Subscribe Cx727 Subscribe Cx730 Subscribe Cx735 Subscribe Cx820 Subscribe Cx825 Subscribe Cx827 Subscribe Cx86 Subscribe Cx930 Subscribe Cx931 Subscribe Cx942 Subscribe Cx943 Subscribe Cx944 Subscribe Cxlbl Firmware Subscribe Cxlbn Firmware Subscribe Cxnzj Firmware Subscribe Cxtat Firmware Subscribe Cxtmm Firmware Subscribe Cxtpc Firmware Subscribe Cxtpp Firmware Subscribe Cxtzj Firmware Subscribe M1242 Subscribe M1246 Subscribe M1342 Subscribe M3250 Subscribe M5255 Subscribe M5270 Subscribe Mb2236 Subscribe Mb2338 Subscribe Mb2442 Subscribe Mb2546 Subscribe Mb2650 Subscribe Mb2770 Subscribe Mb3442 Subscribe Mc2325 Subscribe Mc2425 Subscribe Mc2535 Subscribe Mc2640 Subscribe Mc3224 Subscribe Mc3326 Subscribe Mc3426 Subscribe Ms321 Subscribe Ms331 Subscribe Ms421 Subscribe Ms431 Subscribe Ms439 Subscribe Ms521 Subscribe Ms621 Subscribe Ms622 Subscribe Ms725 Subscribe Ms821 Subscribe Ms822 Subscribe Ms823 Subscribe Ms825 Subscribe Ms826 Subscribe Mslbd Firmware Subscribe Mslsg Firmware Subscribe Msngm Firmware Subscribe Msngw Firmware Subscribe Mstgw Firmware Subscribe Mx321 Subscribe Mx331 Subscribe Mx421 Subscribe Mx431 Subscribe Mx432 Subscribe Mx521 Subscribe Mx522 Subscribe Mx622 Subscribe Mx721 Subscribe Mx722 Subscribe Mx725 Subscribe Mx822 Subscribe Mx826 Subscribe Mx931 Subscribe Mxlbd Firmware Subscribe Mxlsg Firmware Subscribe Mxngm Firmware Subscribe Mxtct Firmware Subscribe Mxtgm Firmware Subscribe Mxtgw Firmware Subscribe Mxtpm Firmware Subscribe Xc2235 Subscribe Xc2326 Subscribe Xc4140 Subscribe Xc4143 Subscribe Xc4150 Subscribe Xc4153 Subscribe Xc4240 Subscribe Xc4342 Subscribe Xc4352 Subscribe Xc6152 Subscribe Xc6153 Subscribe Xc8155 Subscribe Xc8160 Subscribe Xc8163 Subscribe Xc9325 Subscribe Xc9335 Subscribe Xc9445 Subscribe Xc9455 Subscribe Xc9465 Subscribe Xm1242 Subscribe Xm1246 Subscribe Xm1342 Subscribe Xm3142 Subscribe Xm3250 Subscribe Xm5365 Subscribe Xm5370 Subscribe Xm7355 Subscribe Xm7370 Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://packetstormsecurity.com/files/174763/Lexmark-Device-Embedded-Web-Server-Remote-Code-Execution.html
https://publications.lexmark.com/publications/security-alerts/CVE-2023-26068.pdf
https://support.lexmark.com/alerts/

History

Mon, 05 May 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-04-10T00:00:00.000Z

Updated: 2025-05-05T16:04:52.135Z

Reserved: 2023-02-19T00:00:00.000Z

Link: CVE-2023-26068

Vulnrichment

Updated: 2024-08-02T11:39:06.562Z

NVD

Status : Modified

Published: 2023-04-10T20:15:10.483

Modified: 2025-05-05T16:15:30.823

Link: CVE-2023-26068

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-20

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object