Lexmark security bug leaves thousands of its printers open to attack

Customers advised to check their printer’s firmware

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Lexmark has urged its customers to update theirprinter’s firmware, following the publication of a proof-of-concept (PoC) exploit allowing remote code execution (RCE).

The exploit in question, designated CVE-2023-23560, can give attackers access to print job queues, reveal Wi-Fi network credentials, and allow access to other devices on a network.

Lexmark wrote in asecurity advisorythat while it doesn’t believe the exploit is being widely used, more than 100 printer models are at risk of compromise while running pre-patchfirmware.

TechRadar Pro needs you!We want to build a better website for our readers, and we need your help! You can do your bit by filling outour surveyand telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Lexmark firmware versions

PerBleepingComputer, firmware versions across all devices numbered 081.233 and below are vulnerable to RCE attacks, while fixed versions are numbered 081.234 or higher. Firmware versions released on or after January 18, 2022 are considered safe.

To retrieve their current firmware version, Lexmark users can navigate to the “Device Information” section located on the ‘Menu Setting Page’ of the ‘Reports’ section of their device settings.

New firmware for affected printers can, as ever, be obtained fromLexmark’s driver download portaland, depending on theoperating systemof a user’sPCsuch asWindowsorLinux, be installed either via USB or via network methods such as theFile Transfer Protocol(FTP).

Those who, for whatever reason, can’t apply the firmware update are advised to disable the web services feature, blocking the exploit albeit at the expense of the device’s internet-connected functionality.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

To do this, users should navigate to the “Network/Ports” section of the settings menu, then the “TCP/IP” option, followed by the “TCP/IP Port Access” menu, before disabling “TCP 65002 (WSD Print Service)”.

Bitdefender wants to help secure your office printer>Old printer not working with Windows 11? Try this>Check out our list of the best workgroup printers right now

Whether it’s a printer, a phone, a fridge, or anything else, devices capable of being connected to the internet can pose a risk to network security and theidentitiesof users, and should be updated regularly.

Businesses and prosumers alike are advised to use separate, randomlygenerated passwords, stored in apassword manager,across all their devices to decrease the chances of attackers using RCE exploits to invade a network. In addition, they could avoid awireless printeraltogether.

Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.

Windows PCs targeted by new malware hitting a vulnerable driver

Dangerous Android banking malware looks to trick victims with fake money transfers

Apple might still be developing that fabled smart ring after all, according to latest leak