Cyber Resilience

CVE-2023-50739

High

Published: 18 January 2025

Published
18 January 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0011 28.9th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-50739 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Lexmark (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 28.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2023-50739 is a buffer overflow vulnerability (CWE-122) in the Internet Printing Protocol (IPP) implementation across various Lexmark devices. Published on January 18, 2025, it has a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The flaw allows an attacker to execute arbitrary code by overflowing the buffer during IPP processing.

An unauthenticated attacker positioned on an adjacent network, such as the same local subnet, can exploit this vulnerability with low attack complexity and no user interaction required. By transmitting crafted IPP requests to the affected device, the attacker triggers the buffer overflow, achieving arbitrary code execution. This results in high impacts to confidentiality, integrity, and availability on the targeted Lexmark printer or multifunction device.

Lexmark provides details on mitigations, patches, and affected products in their security advisories, accessible at https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html. Security practitioners should consult this resource for firmware updates or configuration guidance to address the vulnerability.

EU & UK References

Vulnerability details

A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

Buffer overflow in IPP remote service directly enables unauthenticated RCE on adjacent network via crafted requests, mapping to exploitation of remote services.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21250Shared CWE-122
CVE-2026-34329Shared CWE-122
CVE-2025-21282Shared CWE-122
CVE-2025-21248Shared CWE-122
CVE-2025-61983Shared CWE-122
CVE-2025-62673Shared CWE-122
CVE-2026-25243Shared CWE-122
CVE-2025-49676Shared CWE-122
CVE-2026-3556Shared CWE-122
CVE-2025-24051Shared CWE-122

Affected Assets

Lexmark
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Timely application of Lexmark firmware patches directly remediates the buffer overflow in IPP processing, preventing arbitrary code execution.

prevent

Memory protection safeguards like DEP and ASLR prevent unauthorized code execution resulting from the IPP buffer overflow.

prevent

Validating IPP request inputs for proper bounds and structure directly mitigates buffer overflow vulnerabilities during protocol processing.

References