Product reviews, deals and the latest tech news

A security flaw in Lexmark leaves thousands of its printers vulnerable to attack

Due to the disclosure of a proof-of-concept (PoC) attack that might lead to remote code execution, Lexmark has recommended its customers to upgrade their printer’s firmware (RCE).

The flaw in question, identified as CVE-2023-23560, may be used by attackers to get access to sensitive information such as print job queues, Wi-Fi network passwords, and other networked devices.

While Lexmark doubts that the hack is widely exploited, it warned that more than 100 printer types with pre-patch firmware are vulnerable to attack.

Downloadable Lexmark Firmware

All devices using firmware with a version number of 081.233 or below are susceptible to remote code execution attacks; the problem has been resolved in firmware with a version number of 081.234 or above. Any firmware update dated after January 18, 2022, is safe to use.

Users may check the firmware version of their Lexmark device by going to the “Device Information” sub-part of the “Menu Setting Page” of the “Reports” section of the device’s settings.

As always, impacted users may get the latest firmware updates for their printers from Lexmark’s driver download page, and then deploy them via USB or a network using a file transfer protocol like SMB or CIFS, depending on the operating system of their PC (FTP).

Those who are unable to deploy the firmware update are encouraged to turn off the web services capability, which will prevent the vulnerability from working but also prevent the device from connecting to the internet.

Users may disable “TCP65002” (WSD Print Service) by going to the “Network/Ports” part of the settings menu, clicking the “TCP/IP” option, and finally selecting the “TCP/IP Port Access” selection.

It is important to periodically update any internet-connected equipment, such as a printer, phone, fridge, or anything else, since they might compromise network security and user identities.

To lessen the likelihood of an RCE exploit being used to break into a network, businesses and prosumers alike are encouraged to use unique, randomly generated passwords for each of their devices and store them in a centralised password manager. To add insult to injury, they didn’t even have to use a wireless printer.