Lexmark SMB printers with critical 9.0 vulnerability

B2B Cyber ​​Security ShortNews

Share post

Lexmark reports two vulnerabilities in over 120 relatively new printer models. Many devices are also for the SME sector and have network access. According to CVSSv3, a vulnerability has a base score of 9.0 and is therefore considered “critical”. Users of the models should urgently update the firmware, as remote attackers could run code.

In the list of current safety instructions from Lexmark, there are two current entries for which a firmware update is recommended. According to the Common Vulnerability Scoring System Version 3.0 – CVSSv3 for short, the CVE-2023-22960 vulnerability has a score of 5.3. However, the second vulnerability CVE-2023-23560 is much more serious with a score of 9.0 out of 10 and is considered critical!


Over 120 models with critical vulnerability

On the Lexware notice page, the critical vulnerability CVE-2023-2356 with a score of 9.0 is described only briefly and concisely: “A Server-Side Request Forgery (SSRF) vulnerability was found in the Web Services function of newer Lexmark devices. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on a device." An update is recommended immediately. The long list of devices also includes many newer and older models that are used in the SME sector and also have network access there.

Holey brute force protection

The second vulnerability, CVE-2023-22960, has a score of 5.3 that should not be neglected. The description of the vulnerability: “Successful exploitation of this vulnerability could lead to compromise of local account credentials.” Background: Lexmark devices have a feature that protects against brute force attacks on local credentials by temporarily locking an account for a period of time after a series of unsuccessful login attempts. The number of attempts and lockout time can be set by a device administrator. This vulnerability bypasses brute force protection and allows unrestricted attempts to guess a local account's credentials.

Updates with version trap!

Updates are available for both vulnerabilities. The small vulnerability with a score of 5.3 is already included in version XXXX.081.232 and will be fixed in version XXXX.081.233. But attention: the significantly more dangerous vulnerability with the critical score 9.0 is in Version XXXX.081.233 still included and will only be closed with version XXXX.081.234. Only use direct downloads from Lexmark to be safe.

More at Lexmark.com


Matching articles on the topic

Accelerated cybercrime with ChatGPT4

Security researchers reveal various scenarios that allow hackers to improve their malicious efforts and preparations, resulting in faster and more accurate ones ➡ Read more

VOIP/PBX software 3CX abused for sideloading attack

A trojanized version of the popular phone system VOIP/PBX software 3CX is currently making headlines. The business phone system is used by companies in 190 ➡ Read more

Cyber ​​attack on Helmholtz Zentrum München

As early as March 15, the Helmholtz Zentrum München could no longer be reached. A cyber attack paralyzed everything. ➡ Read more

Security: BSI handbook for company management

The BSI distributes the new international manual "Management of Cyber ​​Risks" for company management. The one with the Internet Security Alliance ➡ Read more

Ransomware: Attack on Schweizer Medienverlag and NZZ

The Neue Züricher Zeitung - NZZ reported an attack on their network a few days ago and was therefore unable to ➡ Read more

Chinese cyber attackers target zero-day vulnerabilities

Found zero-day vulnerabilities are often exploited by individual APT groups. According to Mandiant, Chinese cyberattackers are targeting more and more zero-day vulnerabilities. The report proves it ➡ Read more

Cloud bursting vulnerability

As an application delivery technique, cloud bursting enables the best of both worlds to be combined. On the one hand, it enables ➡ Read more

Chrome seals 7 highly dangerous gaps

Chrome's bug bounty program is worth it: programmers and specialists have reported 7 highly dangerous vulnerabilities to Google and received a reward. ➡ Read more