CVE-2025-4044 | THREATINT

Description

Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for Windows allows attacker to disclose sensitive information to an arbitrary URL.

PUBLISHED Reserved 2025-04-28 | Published 2025-08-19 | Updated 2025-08-20 | Assigner Lexmark

HIGH: 8.2CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-611 Improper Restriction of XML External Entity Reference

Product status

Default status

unaffected

Any version before 3.0.6.0

affected

Default status

unaffected

Any version before 2.17.0.0

affected

References

www.lexmark.com/...security/lexmark-security-advisories.html

cve.org (CVE-2025-4044)

nvd.nist.gov (CVE-2025-4044)

Download JSON