Lexmark Printer Security Alert: Firmware Updates Needed to Combat Dangerous Vulnerabilities
Lexmark, a leading manufacturer of printers and imaging products, has recently released a series of security firmware updates to address multiple vulnerabilities in over 100 of its printer models. If left unpatched, these vulnerabilities could enable remote code execution (RCE) or privilege escalation by malicious attackers. Thankfully, Lexmark is currently unaware of any instances where these vulnerabilities have been exploited in the wild. To determine a device's firmware level, select the “Settings” -> “Reports” -> “Menu Setting Page” menu item from the operator panel.
CVE-2023-26063, CVE-2023-26064, CVE-2023-26065, and CVE-2023-26066: PostScript Interpreter Vulnerabilities
Four critical vulnerabilities, each with a Common Vulnerability Scoring System (CVSS) score of 9.0, have been identified within the PostScript interpreter of various Lexmark devices. These vulnerabilities involve type confusion, out-of-bounds write, integer overflow, and improper validation of the stack in the PostScript interpreter.
In all cases, successful exploitation could allow an attacker to remotely execute arbitrary code on the affected devices. To mitigate these vulnerabilities, Lexmark recommends updating your device’s firmware if it is currently using an affected version.
CVE-2023-26067: Privilege Escalation Vulnerability
With a CVSS score of 8.0, this input validation vulnerability is found in a trusted internal component of Lexmark devices. This vulnerability can only be exploited by an attacker who has already compromised the device through other means. Successful exploitation would enable the attacker to escalate privileges and execute arbitrary code remotely. As with the previously mentioned vulnerabilities, Lexmark advises updating your device’s firmware to address this issue.
CVE-2023-26068: Embedded Web Server Vulnerability
A vulnerability in the embedded web server of newer Lexmark devices, with a CVSS score of 8.5, has been discovered. This vulnerability stems from improper input data sanitization, which could lead to remote code execution with the permissions of the embedded web server. To protect your device, ensure that you apply the recommended firmware update.
CVE-2023-26069 and CVE-2023-26070: Web API and SNMP Vulnerabilities
These two input validation vulnerabilities, each with a CVSS score of 9.0, have been identified in the web API and Simple Network Management Protocol (SNMP) features of various Lexmark devices. Both vulnerabilities can be exploited by attackers to remotely execute arbitrary code on the affected devices. Lexmark recommends updating your device’s firmware to mitigate these risks. Additionally, disabling the SNMP service or blocking access to TCP port 161 can serve as temporary workarounds.
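One way to apply the port 161 workaround at a network gateway rather than on each printer, as an added example that is not part of Lexmark's advisory: an nftables ruleset that lets only a designated monitoring host reach the printers' SNMP port and logs every other attempt, which gives the SOC a signal while the fleet is being updated. The subnet and host addresses are constructed placeholders; the rule matches both TCP and UDP because the advisory names TCP 161 while SNMP itself normally runs over UDP 161.

```nftables
#!/usr/sbin/nft -f
# Added example (not from Lexmark's advisory): restrict SNMP access to the
# printer VLAN until the firmware update has been rolled out.
# All addresses below are constructed placeholders; replace with your own.

table inet printer_guard {
    set printers {
        type ipv4_addr
        flags interval
        elements = { 10.0.50.0/24 }      # constructed: printer VLAN
    }
    set snmp_managers {
        type ipv4_addr
        elements = { 10.0.1.10 }         # constructed: monitoring host
    }
    chain forward {
        type filter hook forward priority filter; policy accept;

        # Allow SNMP from the monitoring host only. The advisory names
        # TCP 161; SNMP normally uses UDP 161, so match both protocols.
        ip saddr @snmp_managers ip daddr @printers meta l4proto { tcp, udp } th dport 161 accept

        # Log and drop every other packet aimed at the printers' SNMP port;
        # the kernel log line is the detection signal for the SOC.
        ip daddr @printers meta l4proto { tcp, udp } th dport 161 log prefix "snmp-to-printer-blocked: " drop
    }
}
```

Load it with `nft -f` on the gateway that routes the printer VLAN; remove the table once the affected devices are running updated firmware.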
Protect your printer devices
To ensure the security of your Lexmark printer, it is vital to stay informed about the latest vulnerabilities and apply the necessary firmware updates. By taking these preventive measures, you can effectively protect your devices from potential attackers seeking to exploit these weaknesses. Always prioritize device security to maintain the integrity of your valuable data and network.