CVE-2013-6032 · threatengine.sh

Home/CVE/cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and

CVE

CVE-2013-6032

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.

HIGH · CVSS 10 EPSS 0.0083

Schedule remediation

CVSS base score ≥ 7.0

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-20Improper Input Validation

▤

Affected Products & Versions

23

lexmark 25xxn<= lcl.cu.p114
lexmark c52x<= ls.fa.p150
lexmark c53x<= ls.sw.p069
lexmark c77x<= lc.cm.p052
lexmark c78x<= lc.io.p187
lexmark c920<= ls.ta.p152
lexmark c935dn<= lc.jo.p091
lexmark e250<= le.pm.p126
Show all 23 affected productslexmark e350<= le.ph.p129
lexmark e450<= lm.sz.p124
lexmark n4000<= lc.md.p119
lexmark n4050e<= go.go.n206
lexmark n70xxe<= lc.co.n309
lexmark t64x<= ls.st.p343
lexmark w840<= ls.ha.p252
lexmark x642<= lc2.mb.p318
lexmark x644<= lc4.be.p487
lexmark x646<= lc2.mc.p373
lexmark x64xef<= lc2.ti.p325
lexmark x772<= lc2.tr.p291
lexmark x78x<= lc2.io.p335
lexmark x85x<= lc4.be.p487
lexmark x94x<= lc.br.p141

▣

Scoring & Timeline

10

HIGH · CVSS v2 (legacy) · cret@cert.org

View on NVD

This CVE predates CVSS v3; the legacy v2 score is shown so triage still has a severity to work with.

v2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Published to NVD04 Feb 2014 · 05:39 AM

🔗

References & Sources

2

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://support.lexmark.com/index?page=content&id=TE586

http://www.kb.cert.org/vuls/id/108062US Government Resource

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin