CVE-2019-10059

Name: CVE-2019-10059
Creator: NVD / NIST
Published: 2019-08-28T22:15:11.703+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.87%

Last modified Jun 17, 2026

CVE-2019-10059 is a vulnerability of currently unknown severity. The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.. EPSS estimates a 0.87% chance of exploitation in the next 30 days.

Description

The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.

Metrics

EPSS Probability

0.87%

54.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-254

Affected Software

Vendor	Product	Versions
Lexmark	Cs31x Firmware	<= lw71.vyl.p233
Lexmark	Cs41x Firmware	<= lw71.vy2.p233
Lexmark	Cx310 Firmware	<= lw71.gm2.p233
Lexmark	Ms310 Firmware	<= lw71.prl.p233
Lexmark	Ms312 Firmware	<= lw71.prl.p233
Lexmark	Ms317 Firmware	<= lw71.prl.p233
Lexmark	Ms410 Firmware	<= lw71.prl.p233
Lexmark	M1140 Firmware	<= lw71.prl.p233
Lexmark	Ms315 Firmware	<= lw71.tl2.p233
Lexmark	Ms415 Firmware	<= lw71.tl2.p233
Lexmark	Ms417 Firmware	<= lw71.tl2.p233
Lexmark	Ms51x Firmware	<= lw71.pr2.p233
Lexmark	Ms610dn Firmware	<= lw71.pr2.p233
Lexmark	Ms617 Firmware	<= lw71.pr2.p233
Lexmark	M1145 Firmware	<= lw71.pr2.p233
Lexmark	M3150dn Firmware	<= lw71.pr2.p233
Lexmark	Ms71x Firmware	<= lw71.dn2.p233
Lexmark	M5163dn Firmware	<= lw71.dn2.p233
Lexmark	Ms810 Firmware	<= lw71.dn2.p233
Lexmark	Ms811 Firmware	<= lw71.dn2.p233
Lexmark	Ms812 Firmware	<= lw71.dn2.p233
Lexmark	Ms817 Firmware	<= lw71.dn2.p233
Lexmark	Ms818 Firmware	<= lw71.dn2.p233
Lexmark	Ms810de Firmware	<= lw71.dn4.p233
Lexmark	M5155 Firmware	<= lw71.dn4.p233
Lexmark	M5163 Firmware	<= lw71.dn4.p233
Lexmark	Ms812de Firmware	<= lw71.dn7.p233
Lexmark	M5170 Firmware	<= lw71.dn7.p233
Lexmark	Ms91x Firmware	<= lw71.sa.p233
Lexmark	Mx31x Firmware	<= lw71.sb2.p233
Lexmark	Xm1135 Firmware	<= lw71.sb2.p233
Lexmark	Mx410 Firmware	<= lw71.sb4.p233
Lexmark	Mx510 Firmware	<= lw71.sb4.p233
Lexmark	Mx511 Firmware	<= lw71.sb4.p233
Lexmark	Mx610 Firmware	<= lw71.sb7.p233
Lexmark	Mx611 Firmware	<= lw71.sb7.p233
Lexmark	Xm3150 Firmware	<= lw71.sb7.p233
Lexmark	Mx71x Firmware	<= lw71.tu.p233
Lexmark	Mx81x Firmware	<= lw71.tu.p233
Lexmark	Xm51xx Firmware	<= lw71.tu.p233
Lexmark	Xm71xx Firmware	<= lw71.tu.p233
Lexmark	Mx91x Firmware	<= lw71.mg.p233
Lexmark	Xm91x Firmware	<= lw71.mg.p233
Lexmark	Mx6500e Firmware	<= lw71.jd.p233
Lexmark	C746 Firmware	<= lhs60.cm2.p705
Lexmark	C748 Firmware	<= lhs60.cm4.p705
Lexmark	Cs748 Firmware	<= lhs60.cm4.p705
Lexmark	C792 Firmware	<= lhs60.hc.p705
Lexmark	Cs796 Firmware	<= lhs60.hc.p705
Lexmark	C925 Firmware	<= lhs60.hv.p705

Showing 50 of 71 affected configurations. See NVD for the full list.

References

http://support.lexmark.com/index?page=content&id=TE923&locale=EN&userlocale=EN_USVendor Advisory
http://support.lexmark.com/index?page=content&id=TE923&locale=EN&userlocale=EN_USVendor Advisory

Timeline

Published: Aug 28, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-10059?

The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.

How severe is CVE-2019-10059?

Severity scoring for CVE-2019-10059 is pending analysis. The EPSS model estimates a 0.87% probability of exploitation in the next 30 days.

How do I fix CVE-2019-10059?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-10059?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST