CVE-2016-3145

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:lexmark:cx820de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx820dtfe:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx825de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx825dte:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx825dtfe:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx860de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx860dte:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx860dtfe:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:xc6152de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:xc6152dtfe:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:xc8155de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:xc8155dte:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:xc8160de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:xc8160dte:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:lexmark:c4150:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cs720de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cs720dte:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cs725de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cs725dte:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:c6160:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:lexmark:cs820de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cs820dte:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cs820dtfe:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:lexmark:cx725de:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx725dhe:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:cx725dthe:-:*:*:*:*:*:*:*
cpe:2.3:h:lexmark:xc4150:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:49

Type Values Removed Values Added
References () http://support.lexmark.com/index?page=content&id=TE760 - Vendor Advisory () http://support.lexmark.com/index?page=content&id=TE760 - Vendor Advisory

Information

Published : 2016-04-22 00:59

Updated : 2024-11-21 02:49


NVD link : CVE-2016-3145

Mitre link : CVE-2016-3145

CVE.ORG link : CVE-2016-3145


JSON object : View

Products Affected

lexmark

  • printer_firmware
  • xc6152de
  • cx725dhe
  • cs820dtfe
  • xc4150
  • xc8160dte
  • cs820de
  • xc8155de
  • cs725dte
  • xc6152dtfe
  • cx725dthe
  • cx860de
  • c6160
  • cx860dte
  • c4150
  • cx825dtfe
  • cx820de
  • cx825dte
  • cx825de
  • cs720de
  • xc8155dte
  • xc8160de
  • cs820dte
  • cx725de
  • cs720dte
  • cx820dtfe
  • cs725de
  • cx860dtfe
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor