CVE-2019-10058

Home/CVE/Various Lexmark products have Incorrect Access Control.

CVE

Various Lexmark products have Incorrect Access Control.

CRITICAL · CVSS 9.1 EPSS 0.00313

Schedule remediation

CVSS base score ≥ 7.0

Sigma rules0 YARA rules0

▤

Affected Products & Versions

lexmark cs31x firmware<= lw71.vyl.p229
lexmark cs41x firmware<= lw71.vy2.p229
lexmark cx310 firmware<= lw71.gm2.p229
lexmark ms310 firmware<= lw71.prl.p229
lexmark ms312 firmware<= lw71.prl.p229
lexmark ms317 firmware<= lw71.prl.p229
lexmark ms410 firmware<= lw71.prl.p229
lexmark m1140 firmware<= lw71.prl.p229
Show all 60 affected productslexmark ms315 firmware<= lw71.tl2.p229
lexmark ms415 firmware<= lw71.tl2.p229
lexmark ms417 firmware<= lw71.tl2.p229
lexmark ms51x firmware<= lw71.pr2.p229
lexmark ms610dn firmware<= lw71.pr2.p229
lexmark ms617 firmware<= lw71.pr2.p229
lexmark m1145 firmware<= lw71.pr2.p229
lexmark m3150dn firmware<= lw71.pr2.p229
lexmark ms71x firmware<= lw71.dn2.p229
lexmark m5163dn firmware<= lw71.dn2.p229
lexmark ms810 firmware<= lw71.dn2.p229
lexmark ms811 firmware<= lw71.dn2.p229
lexmark ms812 firmware<= lw71.dn2.p229
lexmark ms817 firmware<= lw71.dn2.p229
lexmark ms818 firmware<= lw71.dn2.p229
lexmark ms810de firmware<= lw71.dn4.p229
lexmark m5155 firmware<= lw71.dn4.p229
lexmark m5163 firmware<= lw71.dn4.p229
lexmark ms812de firmware<= lw71.dn7.p229
lexmark m5170 firmware<= lw71.dn7.p229
lexmark ms91x firmware<= lw71.sa.p229
lexmark mx31x firmware<= lw71.sb2.p229
lexmark xm1135 firmware<= lw71.sb2.p229
lexmark mx410 firmware<= lw71.sb4.p229
lexmark mx510 firmware<= lw71.sb4.p229
lexmark mx511 firmware<= lw71.sb4.p229
lexmark mx610 firmware<= lw71.sb7.p229
lexmark mx611 firmware<= lw71.sb7.p229
lexmark xm3150 firmware<= lw71.sb7.p229
lexmark mx71x firmware<= lw71.tu.p229
lexmark mx81x firmware<= lw71.tu.p229
lexmark xm51xx firmware<= lw71.tu.p229
lexmark xm71xx firmware<= lw71.tu.p229
lexmark mx91x firmware<= lw71.mg.p229
lexmark xm91x firmware<= lw71.mg.p229
lexmark mx6500e firmware<= lw71.jd.p229
lexmark c746 firmware<= lhs60.cm2.p705
lexmark c748 firmware<= lhs60.cm4.p705
lexmark cs748 firmware<= lhs60.cm4.p705
lexmark c792 firmware<= lhs60.hc.p705
lexmark cs796 firmware<= lhs60.hc.p705
lexmark c925 firmware<= lhs60.hv.p705
lexmark c950 firmware<= lhs60.tp.p705
lexmark x548 firmware<= lhs60.vk.p705
lexmark xs548 firmware<= lhs60.vk.p705
lexmark x74x firmware<= lhs60.ny.p705
lexmark xs748 firmware<= lhs60.ny.p705
lexmark x792 firmware<= lhs60.mr.p705
lexmark xs79x firmware<= lhs60.mr.p705
lexmark x925 firmware<= lhs60.hk.p705
lexmark xs925 firmware<= lhs60.hk.p705
lexmark x95x firmware<= lhs60.tq.p705

▣

Scoring & Timeline

9.1

CRITICAL · CVSS v3.0 · cve@mitre.org

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD28 Aug 2019 · 04:15 PM

CVSS VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://support.lexmark.com/index?page=content&id=TE922&locale=EN&userlocale=EN_USVendor Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin