Cyber Resilience

CVE-2022-34886

High

Published: 27 October 2023

Published
27 October 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0379 88.3th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-34886 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Lenovo Gm265Dn Firmware. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 11.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

A remote code execution vulnerability exists in the firmware of some Lenovo printers. The flaw, tracked as CVE-2022-34886, stems from improper handling of an illegal string supplied to a server-side interface via a script, which triggers a stack overflow. It is identified under CWE-120 and CWE-787 and carries a CVSS 3.1 base score of 8.8.

An authenticated remote attacker with network access can supply the crafted input to trigger the overflow. Successful exploitation grants the ability to execute arbitrary code, resulting in full compromise of confidentiality, integrity, and availability on the affected printer firmware.

Lenovo has published advisory information at https://iknow.lenovo.com.cn/detail/205041.html. The EPSS score for this CVE rose from a low baseline to a peak of 0.0708 on 2025-12-11 before receding to the current value of 0.0379, indicating a period of increased exploitation interest after disclosure.

EU & UK References

Vulnerability details

A remote code execution vulnerability was found in the firmware used in some Lenovo printers, which can be caused by a remote user pushing an illegal string to the server-side interface via a script, resulting in a stack overflow.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

lenovo
gm265dn firmware
all versions
lenovo
gm266dns firmware
≤ 02.06.00.04.00
lenovo
g263dns firmware
≤ 02.06.00.04.00

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-120

Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

References