CVE-2011-4538

Name: CVE-2011-4538
Creator: NVD / NIST
Published: 2020-03-09T19:15:11.8+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.3/10EPSS 0.87%

Last modified Jun 16, 2026

CVE-2011-4538 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.. EPSS estimates a 0.87% chance of exploitation in the next 30 days.

Description

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.

Metrics

CVSS 3.1

5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Probability

0.87%

54.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions
Lexmark	X860 Firmware	<= lp.sp.p108
Lexmark	X862 Firmware	<= lp.sp.p108
Lexmark	X864 Firmware	<= lp.sp.p108
Lexmark	X734 Firmware	<= lr.fl.p224c
Lexmark	X736 Firmware	<= lr.fl.p224c
Lexmark	X738 Firmware	<= lr.fl.p224c
Lexmark	X651 Firmware	<= lr.mn.p224a
Lexmark	X652 Firmware	<= lr.mn.p224a
Lexmark	X654 Firmware	<= lr.mn.p224a
Lexmark	X656 Firmware	<= lr.mn.p224a
Lexmark	X658 Firmware	<= lr.mn.p224a
Lexmark	X543 Firmware	<= ll.el.p511
Lexmark	X544 Firmware	<= ll.el.p511
Lexmark	X546 Firmware	<= ll.el.p511
Lexmark	X463 Firmware	<= lr.bs.p224a
Lexmark	X464 Firmware	<= lr.bs.p224a
Lexmark	X466 Firmware	<= lr.bs.p224a
Lexmark	X363 Firmware	<= ll.bz.p511
Lexmark	X364 Firmware	<= ll.bz.p511
Lexmark	W850 Firmware	<= lp.jb.p108
Lexmark	T650 Firmware	<= lr.jp.p224a
Lexmark	T652 Firmware	<= lr.jp.p224a
Lexmark	T654 Firmware	<= lr.jp.p224a
Lexmark	E460 Firmware	<= lr.lbh.p224a
Lexmark	E462 Firmware	<= lr.lbh.p224a
Lexmark	E360 Firmware	<= ll.lbm.p511
Lexmark	E260 Firmware	<= ll.lbl.p511
Lexmark	C734 Firmware	<= lr.sk.p224a
Lexmark	C736 Firmware	<= lr.sk.p224a
Lexmark	C546 Firmware	<= lu.as.p511
Lexmark	C540 Firmware	<= ll.as.p511
Lexmark	C543 Firmware	<= ll.as.p511
Lexmark	C544 Firmware	<= ll.as.p511

References

http://contentdelivery.lexmark.com/webcontent/CVE-2011-4538.pdfThird Party Advisory
http://contentdelivery.lexmark.com/webcontent/CVE-2011-4538.pdfThird Party Advisory

Timeline

Published: Mar 9, 2020
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2011-4538?

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.

How severe is CVE-2011-4538?

CVE-2011-4538 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.87% probability of exploitation in the next 30 days.

How do I fix CVE-2011-4538?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-4538?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST