ZDI-23-663: (Pwn2Own) Lexmark MC3224i pagemaker NAME Type Confusion Remote Code Execution Vulnerability

May 17, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability.

arbitrary code attackers authentication code code execution exploit lexmark name network printers pwn2own remote code remote code execution type confusion vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-427: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability 14 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +17

ZDI-24-426: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability 14 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +19

ZDI-24-425: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 14 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-424: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 14 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-423: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 14 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-422: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 14 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-421: SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability 14 hours ago | www.zerodayinitiative.com

attackers authentication authentication bypass bypass +14

ZDI-24-420: SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability 14 hours ago | www.zerodayinitiative.com

attackers authentication can cve +19

ZDI-24-419: (Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability 6 days, 14 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +18

Incident Response Lead

@ Blue Yonder | Hyderabad

View on infosec-jobs.com

GRC Analyst

@ Chubb | Malaysia

View on infosec-jobs.com

Information Security Manager

@ Walbec Group | Waukesha, WI, United States

View on infosec-jobs.com

Senior Executive / Manager, Security Ops (TSSQ)

@ SMRT Corporation Ltd | Singapore, SG

View on infosec-jobs.com

Senior Engineer, Cybersecurity

@ Sonova Group | Valencia (CA), United States

View on infosec-jobs.com

Consultant (Multiple Positions Available)

@ Atos | Plano, TX, US, 75093

View on infosec-jobs.com

View more jobs

all InfoSec news

ZDI-23-663: (Pwn2Own) Lexmark MC3224i pagemaker NAME Type Confusion Remote Code Execution Vulnerability

More from www.zerodayinitiative.com / ZDI: Published Advisories

Jobs in InfoSec / Cybersecurity

Incident Response Lead

GRC Analyst

Information Security Manager

Senior Executive / Manager, Security Ops (TSSQ)

Senior Engineer, Cybersecurity

Consultant (Multiple Positions Available)