CVE-2025-65080
Type Confusion in Lexmark Postscript Interpreter Enables Code Execution
Publication date: 2026-02-03
Last updated on: 2026-02-03
Assigner: Lexmark International
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lexmark | postscript_interpreter | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-843 | The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a type confusion issue found in the Postscript interpreter of various Lexmark devices. It allows an attacker to exploit the flaw to execute arbitrary code on the affected device.
The attacker can run code with the privileges of an unprivileged user, potentially leading to unauthorized actions on the device.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary code on affected Lexmark devices as an unprivileged user.
Such unauthorized code execution could lead to compromise of device functionality, unauthorized access to data, or use of the device as a foothold for further attacks within a network.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know