CVE-2011-4538

Home/CVE/Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords

CVE

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.

MEDIUM · CVSS 5.3 EPSS 0.00232

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-200Exposure of Sensitive Information to an Unauthorized Actor

▤

Affected Products & Versions

lexmark x860 firmware<= lp.sp.p108
lexmark x862 firmware<= lp.sp.p108
lexmark x864 firmware<= lp.sp.p108
lexmark x734 firmware<= lr.fl.p224c
lexmark x736 firmware<= lr.fl.p224c
lexmark x738 firmware<= lr.fl.p224c
lexmark x651 firmware<= lr.mn.p224a
lexmark x652 firmware<= lr.mn.p224a
Show all 33 affected productslexmark x654 firmware<= lr.mn.p224a
lexmark x656 firmware<= lr.mn.p224a
lexmark x658 firmware<= lr.mn.p224a
lexmark x543 firmware<= ll.el.p511
lexmark x544 firmware<= ll.el.p511
lexmark x546 firmware<= ll.el.p511
lexmark x463 firmware<= lr.bs.p224a
lexmark x464 firmware<= lr.bs.p224a
lexmark x466 firmware<= lr.bs.p224a
lexmark x363 firmware<= ll.bz.p511
lexmark x364 firmware<= ll.bz.p511
lexmark w850 firmware<= lp.jb.p108
lexmark t650 firmware<= lr.jp.p224a
lexmark t652 firmware<= lr.jp.p224a
lexmark t654 firmware<= lr.jp.p224a
lexmark e460 firmware<= lr.lbh.p224a
lexmark e462 firmware<= lr.lbh.p224a
lexmark e360 firmware<= ll.lbm.p511
lexmark e260 firmware<= ll.lbl.p511
lexmark c734 firmware<= lr.sk.p224a
lexmark c736 firmware<= lr.sk.p224a
lexmark c546 firmware<= lu.as.p511
lexmark c540 firmware<= ll.as.p511
lexmark c543 firmware<= ll.as.p511
lexmark c544 firmware<= ll.as.p511

▣

Scoring & Timeline

5.3

MEDIUM · CVSS v3.1 · cve@mitre.org

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD09 Mar 2020 · 07:15 PM

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://contentdelivery.lexmark.com/webcontent/CVE-2011-4538.pdfThird Party Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin