CVE Catalog

CVE-2020-35546

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

25th percentile - higher than 25% of all known CVEs

Summary

Lexmark MX6500 devices with firmware LW75.JD.P296 and earlier have an incorrect access control vulnerability in the access control settings. This could allow unauthorized users to bypass security restrictions.

Risk Assessment

The risk involves potential unauthorized access to administrative functions or device data, which could lead to confidentiality and integrity breaches within the organization.

Recommendation

It is recommended to immediately update the firmware of Lexmark MX6500 devices to the latest available version that addresses this vulnerability.

Original NVD description (English source)

Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS