Lexmark 安全漏洞(CVE-2023-40239)
CVE编号
CVE-2023-40239利用情况
暂无补丁情况
N/A披露时间
2023-09-01漏洞描述
2023-08-25之前的某些Lexmark设备(例如CS310)存在XXE攻击漏洞,可能导致信息泄露。修复的固件版本为LW80.*.P246,其中“*”表示完整版本规范因产品型号系列而异,但必须使用P246(或更高)固件级别来消除漏洞。解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://publications.lexmark.com/publications/security-alerts/CVE-2023-40239.pdf |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | lexmark | c2132_firmware | * | Up to (including) lw80.vy4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cs310_firmware | * | Up to (including) lw80.vyl.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cs317_firmware | * | Up to (including) lw80.vyl.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cs410_firmware | * | Up to (including) lw80.vy2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cs417_firmware | * | Up to (including) lw80.vy2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cs510_firmware | * | Up to (including) lw80.vy4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cs517_firmware | * | Up to (including) lw80.vy4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cx310_firmware | * | Up to (including) lw80.gm2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cx317_firmware | * | Up to (including) lw80.gm2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cx410_firmware | * | Up to (including) lw80.gm4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cx417_firmware | * | Up to (including) lw80.gm4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cx510_firmware | * | Up to (including) lw80.gm7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | cx517_firmware | * | Up to (including) lw80.gm7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m1140+_firmware | * | Up to (including) lw80.pr2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m1140_firmware | * | Up to (including) lw80.prl.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m1145_firmware | * | Up to (including) lw80.pr2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m3150de_firmware | * | Up to (including) lw80.pr4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m3150dn_firmware | * | Up to (including) lw80.pr2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m5155_firmware | * | Up to (including) lw80.dn4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m5163de_firmware | * | Up to (including) lw80.dn4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m5163dn_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | m5170_firmware | * | Up to (including) lw80.dn7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms310_firmware | * | Up to (including) lw80.prl.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms312_firmware | * | Up to (including) lw80.prl.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms315_firmware | * | Up to (including) lw80.tl2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms317_firmware | * | Up to (including) lw80.prl.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms410_firmware | * | Up to (including) lw80.prl.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms415_firmware | * | Up to (including) lw80.tl2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms417_firmware | * | Up to (including) lw80.tl2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms510_firmware | * | Up to (including) lw80.pr2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms517_firmware | * | Up to (including) lw80.pr2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms610de_firmware | * | Up to (including) lw80.pr4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms610dn_firmware | * | Up to (including) lw80.pr2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms617_firmware | * | Up to (including) lw80.pr2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms710_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms711_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms810de_firmware | * | Up to (including) lw80.dn4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms810dn_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms811_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms812de_firmware | * | Up to (including) lw80.dn7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms812dn_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms817_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms818_firmware | * | Up to (including) lw80.dn2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | ms911_firmware | * | Up to (including) lw80.sa.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx310_firmware | * | Up to (including) lw80.sb2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx317_firmware | * | Up to (including) lw80.sb2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx410_firmware | * | Up to (including) lw80.sb4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx417_firmware | * | Up to (including) lw80.sb4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx510_firmware | * | Up to (including) lw80.sb4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx511_firmware | * | Up to (including) lw80.sb4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx517_firmware | * | Up to (including) lw80.sb4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx610_firmware | * | Up to (including) lw80.sb7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx611_firmware | * | Up to (including) lw80.sb7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx617_firmware | * | Up to (including) lw80.sb7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx710_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx711_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx717_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx718_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx810_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx811_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx812_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx910_firmware | * | Up to (including) lw80.mg.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx911_firmware | * | Up to (including) lw80.mg.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | mx912_firmware | * | Up to (including) lw80.mg.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xc2130_firmware | * | Up to (including) lw80.gm4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xc2132_firmware | * | Up to (including) lw80.gm7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm1135_firmware | * | Up to (including) lw80.sb2.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm1140_firmware | * | Up to (including) lw80.sb4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm1145_firmware | * | Up to (including) lw80.sb4.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm3150_firmware | * | Up to (including) lw80.sb7.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm5163_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm5170_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm5263_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm5270_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm7155_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm7163_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm7170_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm7263_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm7270_firmware | * | Up to (including) lw80.tu.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm9145_firmware | * | Up to (including) lw80.mg.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm9155_firmware | * | Up to (including) lw80.mg.p245 | |||||
| 运行在以下环境 | |||||||||
| 系统 | lexmark | xm9165_firmware | * | Up to (including) lw80.mg.p245 | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | c2132 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cs310 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cs317 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cs410 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cs417 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cs510 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cs517 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cx310 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cx317 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cx410 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cx417 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cx510 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | cx517 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m1140 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m1140+ | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m1145 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m3150de | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m3150dn | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m5155 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m5163de | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m5163dn | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | m5170 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms310 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms312 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms315 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms317 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms410 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms415 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms417 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms510 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms517 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms610de | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms610dn | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms617 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms710 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms711 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms810de | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms810dn | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms811 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms812de | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms812dn | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms817 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms818 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | ms911 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx310 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx317 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx410 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx417 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx510 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx511 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx517 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx610 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx611 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx617 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx710 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx711 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx717 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx718 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx810 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx811 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx812 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx910 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx911 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | mx912 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xc2130 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xc2132 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm1135 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm1140 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm1145 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm3150 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm5163 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm5170 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm5263 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm5270 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm7155 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm7163 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm7170 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm7263 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm7270 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm9145 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm9155 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lexmark | xm9165 | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 无
- 保密性 高
- 完整性 无
| CWE-ID | 漏洞类型 |
| CWE-611 | XML外部实体引用的不恰当限制(XXE) |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论