Numerous Lexmark Printers affected by critical security issues

Gandalf_The_Grey

Level 75
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,439
Lexmark confirmed this week that many of its printer models have security vulnerabilities, some of which are rated critical. The company has released seven security advisories for Lexmark devices. Successful exploitation of the vulnerabilities can result in remote code execution on a device. Updates are available for affected devices.

All security advisories have been published on March 10, 2023. Hundreds of printers are affected, including Lexmark MC3224, Lexmark B2338, Lexmark CX930 and Lexmark XC9335.

Lexmark notes that it is "not aware of any malicious use against Lexmark products" at the time of publication of the seven security advisories. The vulnerabilities have been reported to Lexmark by Trend Micro's Zero Day Initiative.

Some Lexmark devices have Internet connectivity. These may check for and upgrade firmware directly from the embedded web server. To access the web interface, load the IP address of the printer in a web browser. Select Device > Update Firmware then, and then Check for Updates. If an update is available, click "I agree, start update", to download and install it on the device.

Lexmark customers may also download updated firmware manually and install it on the printer to resolve the issue. The best starting point is to use Lexmark's official drivers & downloads support page to search for updates for a particular printer model.

Look for the most recent firmware for the printer in question and download it to the local system. Note that the file size may be several hundred megabytes.

It is recommended to check the security advisories linked above to make sure that the listed firmware on Lexmark's download website fixes the listed vulnerabilities.

Lexmark's firmware update instructions support page offers instructions on how to update the firmware of company devices.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top