Lexmark has appealed to its customers to upgrade printerfirmware after the release of a proof-of-concept (PoC) remote code execution (RCE) exploit.
The exploit in question, known as CVE-2023-23560, could give attackers access to print job queues, expose Wi-Fi network credentials, and allow access to other devices on the network.
Lexmark wrote in security consultancy (opens in a new tab) that although he does not believe that the exploit is widely used, more than 100 printer models are at risk of being hacked when running pre-scrap firmware.
Lexmark firmware versions
Behind Beeping Computer (opens in a new tab), firmware versions of all devices with numbers 081.233 and below are vulnerable to RCE attacks, while fixed versions are 081.234 and above. Firmware versions released on or after January 18, 2022 are considered safe.
To download the current version of the firmware, Lexmark users can go to the “Device Information” section located on the “Menu Settings” page under “Reports” in the device settings.
New firmware for affected printers can, as always, be obtained from Lexmark Driver Download Portal (opens in a new tab) and, depending on the user’s operating system computer Such as windows or Linuxinstall via USB or using network methods such as File Transfer Protocol (FTP).
For those unable to apply the firmware update for any reason, it is recommended to disable the Web Services feature, blocking the exploit, albeit at the expense of the functionality of the device’s internet connection.
To do this, users should go to the “Network/Ports” section in the settings menu, then the “TCP/IP” option, then the “TCP/IP Port Access” menu before disabling “TCP 65002 (WSD Print Service)”.
Whether it’s a printer, telephone, refrigerator or anything else, devices that can be connected to the Internet can be a threat to network security and identity users and should be updated regularly.
Both companies and prosumers are recommended to use separate, random ones generated passwordsstored in a password manager, on all their devices to reduce the chances of attackers using RCE exploits to invade the network. In addition, they could avoid wireless printer completely.