Lexmark security bug leaves thousands of its printers open to attack


Lexmark has urged its customers to update their printer’s firmware, following the publication of a proof-of-concept (PoC) exploit allowing remote code execution (RCE).
The exploit in question, designated CVE-2023-23560, can give attackers access to print job queues, reveal Wi-Fi network credentials, and allow access to other devices on a network.
Lexmark wrote in a security advisory (opens in new tab) that while it doesn’t believe the exploit is being widely used, more than 100 printer models are at risk of compromise while running pre-patch firmware.
Lexmark firmware versions
Per BleepingComputer (opens in new tab), firmware versions across all devices numbered 081.233 and below are vulnerable to RCE attacks, while fixed versions are numbered 081.234 or higher. Firmware versions released on or after January 18, 2022 are considered safe.
To retrieve their current firmware version, Lexmark users can navigate to the “Device Information” section located on the ‘Menu Setting Page’ of the ‘Reports’ section of their device settings.
New firmware for affected printers can, as ever, be obtained from Lexmark’s driver download portal (opens in new tab) and, depending on the operating system of a user’s PC such as Windows or Linux, be installed either via USB or via network methods such as the File Transfer Protocol (FTP).
Those who, for whatever reason, can’t apply the firmware update are advised to disable the web services feature, blocking the exploit albeit at the expense of the device’s internet-connected functionality.
To do this, users should navigate to the “Network/Ports” section of the settings menu, then the “TCP/IP” option, followed by the “TCP/IP Port Access” menu, before disabling “TCP 65002 (WSD Print Service)”.
Whether it’s a printer, a phone, a fridge, or anything else, devices capable of being connected to the internet can pose a risk to network security and the identities of users, and should be updated regularly.
Businesses and prosumers alike are advised to use separate, randomly generated passwords, stored in a password manager, across all their devices to decrease the chances of attackers using RCE exploits to invade a network. In addition, they could avoid a wireless printer altogether.
Audio player loading… Lexmark has urged its customers to update their printer’s firmware, following the publication of a proof-of-concept (PoC) exploit allowing remote code execution (RCE). The exploit in question, designated CVE-2023-23560, can give attackers access to print job queues, reveal Wi-Fi network credentials, and allow access to other devices…
Recent Posts
- Hundreds of Android apps band together in massive scam campaign targeting millions – here’s what we know
- GM’s Cruise Cars Are Back on the Road in Three US States—But Not for Ride-Hailing
- The Ploopy Knob is an open-source control dial for your PC
- Europe needs to decouple from Big Tech USA: Here’s 5 ways it can be achieved
- The American system of democracy has crashed
Archives
- July 2025
- June 2025
- May 2025
- April 2025
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021