CVE-2011-3269
high-risk
Published 2020-03-09
Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut.
Do I need to act?
-
0.32% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
X950 Firmware
X952 Firmware
X954 Firmware
X940E Firmware
X945E Firmware
X925De Firmware
X860 Firmware
X862 Firmware
X864 Firmware
X850 Firmware
X852 Firmware
X854 Firmware
X792De Firmware
X782E Firmware
X772E Firmware
X734 Firmware
X736 Firmware
X738 Firmware
X650 Firmware
X644 Firmware
Affected Vendors
References (2)
Third Party Advisory
http://contentdelivery.lexmark.com/webcontent/Email_shortcut_vulnerability.pdf
Third Party Advisory
http://contentdelivery.lexmark.com/webcontent/Email_shortcut_vulnerability.pdf
56
/ 100
high-risk
Severity
26/34 · High
Exploitability
1/34 · Minimal
Exposure
29/34 · Critical