CVE-2022-29850
HIGHCVSS 8.1/10EPSS 0.84%
Last modified
CVE-2022-29850 is a high-severity vulnerability rated 8.1/10 on the CVSS scale. Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.. EPSS estimates a 0.84% chance of exploitation in the next 30 days.
Description
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Lexmark | B2236 Firmware | < mslsg.081.014 |
| Lexmark | Mb2236 Firmware | < mxlsg.081.014 |
| Lexmark | Ms331 Firmware | < mslbd.081.014 |
| Lexmark | Ms431 Firmware | < mslbd.081.014 |
| Lexmark | M1342 Firmware | < mslbd.081.014 |
| Lexmark | B3442 Firmware | < mslbd.081.014 |
| Lexmark | B3340 Firmware | < mslbd.081.014 |
| Lexmark | Xm1342 Firmware | < mslbd.081.014 |
| Lexmark | Mx331 Firmware | < mxlbd.081.014 |
| Lexmark | Mx431 Firmware | < mxlbd.081.014 |
| Lexmark | Mb3442 Firmware | < mxlbd.081.014 |
| Lexmark | Ms321 Firmware | < msngm.081.014 |
| Lexmark | Ms421 Firmware | < msngm.081.014 |
| Lexmark | Ms521 Firmware | < msngm.081.014 |
| Lexmark | Ms621 Firmware | < msngm.081.014 |
| Lexmark | M1242 Firmware | < msngm.081.014 |
| Lexmark | M1246 Firmware | < msngm.081.014 |
| Lexmark | B2338 Firmware | < msngm.081.014 |
| Lexmark | B2442 Firmware | < msngm.081.014 |
| Lexmark | B2546 Firmware | < msngm.081.014 |
| Lexmark | B2650 Firmware | < msngm.081.014 |
| Lexmark | Ms622 Firmware | < mstgm.081.014 |
| Lexmark | M3250 Firmware | < mstgm.081.014 |
| Lexmark | Mx321 Firmware | < mxngm.081.014 |
| Lexmark | Mx421 Firmware | < mxtgm.081.014 |
| Lexmark | Mx521 Firmware | < mxtgm.081.014 |
| Lexmark | Mx522 Firmware | < mxtgm.081.014 |
| Lexmark | Mx622 Firmware | < mxtgm.081.014 |
| Lexmark | Xm1242 Firmware | < mxtgm.081.014 |
| Lexmark | Xm1246 Firmware | < mxtgm.081.014 |
| Lexmark | Xm3250 Firmware | < mxtgm.081.014 |
| Lexmark | Mb2442 Firmware | < mxtgm.081.014 |
| Lexmark | Mb2546 Firmware | < mxtgm.081.014 |
| Lexmark | Mb2650 Firmware | < mxtgm.081.014 |
| Lexmark | Ms725 Firmware | < msngw.081.014 |
| Lexmark | Ms821 Firmware | < msngw.081.014 |
| Lexmark | Ms823 Firmware | < msngw.081.014 |
| Lexmark | Ms825 Firmware | < msngw.081.014 |
| Lexmark | B2865 Firmware | < msngw.081.014 |
| Lexmark | Ms822 Firmware | < mstgw.081.014 |
| Lexmark | Ms826 Firmware | < mstgw.081.014 |
| Lexmark | M5255 Firmware | < mstgw.081.014 |
| Lexmark | M5270 Firmware | < mstgw.081.014 |
| Lexmark | Mx721 Firmware | < mxtgw.081.014 |
| Lexmark | Mx722 Firmware | < mxtgw.081.014 |
| Lexmark | Mx822 Firmware | < mxtgw.081.014 |
| Lexmark | Mx826 Firmware | < mxtgw.081.014 |
| Lexmark | Xm5365 Firmware | < mxtgw.081.014 |
| Lexmark | Xm7355 Firmware | < mxtgw.081.014 |
| Lexmark | Xm7370 Firmware | < mxtgw.081.014 |
Showing 50 of 118 affected configurations. See NVD for the full list.
References
- https://support.lexmark.com/alerts/Vendor Advisory
- https://support.lexmark.com/alerts/Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-29850?
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
How severe is CVE-2022-29850?
CVE-2022-29850 has a CVSS score of 8.1/10 (HIGH severity). The EPSS model estimates a 0.84% probability of exploitation in the next 30 days.
How do I fix CVE-2022-29850?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2022-29850?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST