CVE-2023-23560: Critical server-side request forgery flaw in Lexmark products
Lexmark recently released software to remediate two security vulnerabilities in some of its products that could expose users to remote code execution and brute-force attacks.
One of the flaws is critical, carrying a severity rating of 9.0 out of a maximum of 10, the manufacturer of laser printers and imaging products noted in its first security bulletin of 2023.
Tracked as CVE-2023-23560, the critical flaw is a server-side request forgery (SSRF) caused by improper input validation in the Web Services feature of affected Lexmark products. A remote attacker could exploit it to conduct an SSRF attack and ultimately execute arbitrary code on the device.
“A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Web Services feature of newer Lexmark devices. This vulnerability can be leveraged by an attacker to gain arbitrary code execution on the device,” the company wrote in its advisories.
Besides releasing new firmware to address the issues, Lexmark has also provided workarounds to mitigate them until the patches can be applied.
While there is no indication that CVE-2023-23560 has been exploited in the wild, proof-of-concept code has been published.
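The root cause named above is improper input validation of a destination that the Web Services feature fetches on the caller's behalf. The following validator is an added, generic illustration of what that validation should look like; it is not Lexmark's code and says nothing about how the Lexmark flaw itself works. The allowlisted hosts, the permitted scheme and the `resolver` hook are constructed assumptions: a user-supplied URL is accepted only if its scheme and host are allowlisted and every address the host resolves to is a public one, so requests cannot be steered at loopback, private, link-local or metadata-style addresses.

```python
import ipaddress
import socket
from typing import Callable, List, Tuple
from urllib.parse import urlsplit

# Constructed allowlist: the hypothetical feature only needs to reach these hosts.
ALLOWED_HOSTS = {"updates.example.com", "cloud.example.com"}
ALLOWED_SCHEMES = {"https"}


def resolve_host(host: str) -> List[str]:
    """Resolve a hostname to all of its A/AAAA addresses (empty list on failure)."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def is_public_address(addr: str) -> bool:
    """True only for addresses outside loopback, private, link-local, multicast,
    reserved and unspecified ranges (covers both IPv4 and IPv6)."""
    ip = ipaddress.ip_address(addr)
    return not (
        ip.is_private
        or ip.is_loopback
        or ip.is_link_local
        or ip.is_multicast
        or ip.is_reserved
        or ip.is_unspecified
    )


def validate_outbound_url(
    url: str, resolver: Callable[[str], List[str]] = resolve_host
) -> Tuple[bool, str]:
    """Decide whether the service may fetch `url`. Returns (allowed, reason).

    Checks are ordered cheapest first; every rejection carries a reason that is
    safe to log, which gives defenders a signal when SSRF is being attempted.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "no host in URL"
    if parts.username or parts.password:
        # Embedded credentials are a classic way to confuse naive host parsing.
        return False, "credentials in URL not allowed"
    if host not in ALLOWED_HOSTS:
        return False, f"host {host!r} not in allowlist"
    addrs = resolver(host)
    if not addrs:
        return False, f"host {host!r} did not resolve"
    for addr in addrs:
        if not is_public_address(addr):
            return False, f"host {host!r} resolves to non-public address {addr}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed resolver so the demo runs offline.
    fake = lambda h: ["93.184.216.34"]
    print(validate_outbound_url("https://updates.example.com/fw.bin", fake))
    print(validate_outbound_url("https://updates.example.com/", lambda h: ["10.0.0.5"]))
```

Two practical notes on the design: the resolver is injectable so the check can be unit-tested without DNS, and because a name can re-resolve between validation and connection (DNS rebinding), production code should connect to the exact address that passed the check rather than resolving again.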
The second vulnerability (CVE-2023-22960, CVSS score: 5.3) affects the device's brute-force protection and could be weaponized by an unauthenticated attacker to bypass it, allowing unrestricted attempts to guess a local account's credentials. Panagiotis Chartas (t3l3machus) has been credited with reporting this flaw.
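As an added, generic illustration of the control that CVE-2023-22960 concerns (it is not Lexmark's implementation, and the page does not describe how that bypass works), the guard below counts failed logins per normalized account name and per source address, and locks either key once a threshold of failures is reached inside a sliding window. The thresholds, window and the injectable clock are constructed assumptions; keying on both dimensions matters because a limit tracked only by source address is sidestepped by rotating addresses, and one tracked only by the literal username is sidestepped by trivial variations of it.

```python
import time
from collections import defaultdict, deque
from typing import Callable, Dict, Tuple

# Constructed policy values; tune to the device's threat model.
WINDOW_SECONDS = 300      # failures older than this no longer count
MAX_FAILURES = 5          # failures within the window that trigger a lockout
LOCKOUT_SECONDS = 900     # how long a locked key stays locked


class LoginGuard:
    """Sliding-window brute-force guard keyed on account and on source address."""

    def __init__(self, now: Callable[[], float] = time.monotonic):
        self._now = now
        self._failures = defaultdict(deque)      # key -> timestamps of recent failures
        self._locked_until: Dict[Tuple[str, str], float] = {}

    @staticmethod
    def _keys(username: str, source_ip: str):
        # Normalize so that "Admin", "ADMIN" and "admin " all share one counter.
        user = username.strip().lower()
        return (("user", user), ("ip", source_ip))

    def check(self, username: str, source_ip: str) -> Tuple[bool, str]:
        """Call before verifying a password. Returns (allowed, reason)."""
        now = self._now()
        for key in self._keys(username, source_ip):
            until = self._locked_until.get(key, 0.0)
            if now < until:
                return False, f"locked by {key[0]} for {int(until - now)}s"
        return True, "ok"

    def record_failure(self, username: str, source_ip: str) -> None:
        """Count a failed attempt against both keys and lock any that hit the limit."""
        now = self._now()
        for key in self._keys(username, source_ip):
            window = self._failures[key]
            window.append(now)
            while window and now - window[0] > WINDOW_SECONDS:
                window.popleft()
            if len(window) >= MAX_FAILURES:
                self._locked_until[key] = now + LOCKOUT_SECONDS
                window.clear()

    def record_success(self, username: str, source_ip: str) -> None:
        """A correct password clears the account's counter only; the source
        address keeps its history so one valid login cannot reset it."""
        self._failures.pop(("user", username.strip().lower()), None)


if __name__ == "__main__":
    guard = LoginGuard()
    for _ in range(MAX_FAILURES):
        guard.record_failure("Admin", "192.0.2.1")
    print(guard.check("admin", "198.51.100.9"))   # account locked from any address
    print(guard.check("other", "192.0.2.1"))      # address locked for any account
    print(guard.check("other", "198.51.100.9"))   # unrelated pair still allowed
```

The lockout decisions and their reasons are worth logging: a burst of "locked by user" events against a single local account is exactly the pattern that a credential-guessing campaign against a device produces.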
To protect servers from cyber attacks, some organizations deploy an identity governance and administration (IGA) solution. Such user administration ensures that users receive only the minimum access rights necessary to perform their job function. The risk from unauthorized access or malicious activity that may wind up putting the server's security to the test can be effectively curbed by implementing the principle of least privilege. Careful and regular review of user access permissions strengthens server security and significantly reduces the potential impact of security breaches and insider threats, ultimately moving the organization towards the ideal model of zero trust security.