CVE-2023-50739
Published: 18 January 2025
Summary
CVE-2023-50739 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Lexmark devices (vendor inferred from references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE ranks at the 28.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2023-50739 is a buffer overflow vulnerability (CWE-122) in the Internet Printing Protocol (IPP) implementation across various Lexmark devices. Published on January 18, 2025, it has a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The flaw allows an attacker to execute arbitrary code by overflowing a buffer during IPP processing.
An unauthenticated attacker positioned on an adjacent network, such as the same local subnet, can exploit this vulnerability with low attack complexity and no user interaction required. By transmitting crafted IPP requests to the affected device, the attacker triggers the buffer overflow, achieving arbitrary code execution. This results in high impacts to confidentiality, integrity, and availability on the targeted Lexmark printer or multifunction device.
Lexmark provides details on mitigations, patches, and affected products in their security advisories, accessible at https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html. Security practitioners should consult this resource for firmware updates or configuration guidance to address the vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-55495
Vulnerability details
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A buffer overflow in the IPP remote service directly enables unauthenticated RCE from an adjacent network via crafted requests, which maps to Exploitation of Remote Services.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- Timely application of Lexmark firmware patches directly remediates the buffer overflow in IPP processing, preventing arbitrary code execution.
- Memory protection safeguards like DEP and ASLR prevent unauthorized code execution resulting from the IPP buffer overflow.
- Validating IPP request inputs for proper bounds and structure directly mitigates buffer overflow vulnerabilities during protocol processing.