CVE-2025-1127
Published: 13 February 2025
Summary
CVE-2025-1127 is a critical-severity Path Traversal (CWE-22) vulnerability in Lexmark (inferred from references). Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 46.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-1127 is a critical vulnerability (CVSS score 9.1, CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) published on 2025-02-13, associated with CWE-22 (Path Traversal) and CWE-362 (Race Condition). It affects Lexmark products, as referenced in their security advisories. The flaw allows an attacker to execute arbitrary code as an unprivileged user and/or modify the contents of any data on the filesystem.
Exploitation requires high privileges (PR:H) and network access (AV:N) with low attack complexity and no user interaction. A privileged attacker can leverage this over the network to achieve arbitrary code execution running as an unprivileged user, alongside full filesystem modification capabilities, with changed scope (S:C) leading to high confidentiality, integrity, and availability impacts.
Lexmark's security advisories, available at https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html, provide details on mitigation and patches for this vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-2017
Vulnerability details
The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user and/or modify the contents of any data on the filesystem.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Network-accessible path traversal/race condition in public-facing Lexmark device directly enables remote exploitation (T1190) leading to arbitrary code execution via command/shell interpreters (T1059.001) plus unrestricted filesystem writes.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates CVE-2025-1127 by requiring timely application of Lexmark patches to remediate the path traversal and race condition flaws.
Prevents exploitation of the CWE-22 path traversal aspect by enforcing validation of inputs used in file path operations.
Enforces filesystem access controls to limit arbitrary modifications by privileged attackers even if path traversal partially succeeds.