Vulnerability: Information Disclosure via Direct Read Operations on Lexmark Printers

Vulnerability: Information Disclosure via Direct Read Operations on Lexmark Printers

CVE-2016-3145 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.

Learn more about our Physical Security Assessment.