CVE-2022-3429 : A denial-of-service vulnerability was found in the firmware used in Lenovo print

A denial-of-service vulnerability was found in the firmware used in Lenovo printers, where users send illegal or malformed strings to an open port, triggering a denial of service that causes a display error and prevents the printer from functioning properly.

Published 2023-10-27 19:15:41

Updated 2023-10-29 01:44:43

Source Lenovo Group Ltd.

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2022-3429

We don't have affected product information for this CVE yet

Exploit prediction scoring system (EPSS) score for CVE-2022-3429

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 20 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-3429

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	2.8	3.6	Lenovo Group Ltd.
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2022-3429

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: psirt@lenovo.com (Primary)

References for CVE-2022-3429

https://iknow.lenovo.com.cn/detail/205041.html

【安全公告】 LEN-101969 联想打印机漏洞-联想知识库

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-3429

Products affected by CVE-2022-3429

Exploit prediction scoring system (EPSS) score for CVE-2022-3429

CVSS scores for CVE-2022-3429

CWE ids for CVE-2022-3429

References for CVE-2022-3429