CVE-2022-34886
Published: 27 October 2023
Summary
CVE-2022-34886 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Lenovo Gm265Dn Firmware. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 11.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
A remote code execution vulnerability exists in the firmware of some Lenovo printers. The flaw, tracked as CVE-2022-34886, stems from improper handling of an illegal string supplied to a server-side interface via a script, which triggers a stack overflow. It is identified under CWE-120 and CWE-787 and carries a CVSS 3.1 base score of 8.8.
An authenticated remote attacker with network access can supply the crafted input to trigger the overflow. Successful exploitation grants the ability to execute arbitrary code, resulting in full compromise of confidentiality, integrity, and availability on the affected printer firmware.
Lenovo has published advisory information at https://iknow.lenovo.com.cn/detail/205041.html. The EPSS score for this CVE rose from a low baseline to a peak of 0.0708 on 2025-12-11 before receding to the current value of 0.0379, indicating a period of increased exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-37790
Vulnerability details
A remote code execution vulnerability was found in the firmware used in some Lenovo printers, which can be caused by a remote user pushing an illegal string to the server-side interface via a script, resulting in a stack overflow.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.