CVE-2025-4044

XML External Entity Injection vulnerability in various Lexmark Universal Drivers

Description

Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for Windows allows attacker to disclose sensitive information to an arbitrary URL.

INFO

Published Date :

2025-08-19T13:12:09.782Z

Last Modified :

2026-02-26T17:48:29.270Z

Source :

Lexmark

AFFECTED PRODUCTS

The following products are affected by CVE-2025-4044 vulnerability.

Vendors	Products
Lexmark	Universal Print Driver
Microsoft	Windows

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4044.

URL	Resource
https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact