The Recycler
  • Katun web banner December 2022 NEW
  • G&G Feb 24 Masthead Banner
  • Biuromax Masthead web banner March 2024

Lexmark recommends firmware update to fix vulnerabilities

March 14, 2023

The company has released several new Security Advisory notices, warning of vulnerabilities identified in various Lexmark devices.

One of the latest Security Advisory notices is warning of an input validation vulnerability has been identified in the web API of newer Lexmark devices.

Lexmark explains that an input validation vulnerability has been identified in the SNMP feature in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. Affected devices are found here.

Also found was that the embedded web server in newer Lexmark devices fails to properly sanitise input data which can lead to remote code execution on the device.

Lexmark advised that a vulnerability has been identified in the embedded web server used in Lexmark devices. The vulnerability allows the attacker to execute arbitrary code on a device with the permissions of the embedded webserver. Affected devices can be seen here.

Another Security Advisory notice reports of a trusted internal component of Lexmark devices that has an input validation vulnerability. This vulnerability can be leveraged by an attacker who has already compromised the device to escalate privileges. This input validation vulnerability allows an attacker who has already compromised an affected Lexmark device to escalate privileges. Affected devices can be found here.

And finally, a vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The company explained that a type confusion vulnerability has been identified in Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. See affected devices here.

In all cases, Lexmark recommends a firmware update if your device has affected firmware.

Lexmark added that it is not aware of any malicious use against Lexmark products of the vulnerability described in any of the advisories.

 

Categories : Around the Industry

Tags : Devices Firmware Updates Lexmark Printers Security Advisory Notices Vulnerabilities

  • TN Core April 2024 Web Banner
  • Cartridge Web April 2024 Web Banner
  • Static Control June 2022 Big & Bold Ad
  • Mito Web advert July 2023
  • G&G Big & Bold Web banner January 2024
  • Ink Tank April 2024 Web Ads
  • IR Italiana Web ad January 2021
  • Apex Web Banner April 2024
  • GM Technology Web Ad March 2024
  • Biuromax March 2024 Banner
  • HYB Web banner Jan 2024
  • CET Web ad December 2023
  • Zhono Web ad March 2024
  • Denner Feb 2024 Web Ad
  • Altkin Web ad March 2024
  • PCL April 2024 Web Banner
  • ITP Web ad January 2021
  • ITP Web ad January 2021
  • Zhono Web ad March 2024
  • Denner Feb 2024 Web Ad
  • HYB Web banner Jan 2024
  • CET Web ad December 2023
  • Altkin Web ad March 2024
  • PCL April 2024 Web Banner
  • PCL April 2024 Web Banner
  • HYB Web banner Jan 2024
  • Altkin Web ad March 2024
  • Zhono Web ad March 2024
  • ITP Web ad January 2021
  • CET Web ad December 2023
  • Denner Feb 2024 Web Ad

The Recycler, Wittas House, Two Rivers, Station Lane, Witney, OX28 4BH, United Kingdom | Tel: +44 (0) 1993 899800 | Fax : +44 (0) 1993 226899
©2006-2023 The Recycler - Terms & Conditions - Privacy Policy including cookie use

Web design Dorset | Websites by Mark

The Recycler Subscribe Web ad January 2021
The Recycler Subscribe Web ad January 2021