### [CVE-2021-35449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35449)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing during the add printer process, resulting in escalation of privileges to SYSTEM.

### POC

#### Reference
- http://packetstormsecurity.com/files/163811/Lexmark-Driver-Privilege-Escalation.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/geeksniper/windows-privilege-escalation
- https://github.com/jacob-baines/concealed_position
- https://github.com/orgTestCodacy11KRepos110MB/repo-8984-concealed_position