Lexmark has urged its customers to update their printer’s firmware, following the publication of a proof-of-concept (PoC) exploit allowing remote code execution (RCE).
The exploit in question, designated CVE-2023-23560, can give attackers access to print job queues, reveal Wi-Fi network credentials, and allow access to other devices on a network.
Lexmark wrote in a security advisory (opens in new tab) that while it doesn’t believe the exploit is being widely used, more than 100 printer models are at risk of compromise while running pre-patch firmware.
TechRadar Pro needs you! (opens in new tab)
We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey (opens in new tab) and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.
D. Athow, Managing Editor
Lexmark firmware versions
Per BleepingComputer (opens in new tab), firmware versions across all devices numbered 081.233 and below are vulnerable to RCE attacks, while fixed versions are numbered 081.234 or higher. Firmware versions released on or after January 18, 2022 are considered safe.
To retrieve their current firmware version, Lexmark users can navigate to the “Device Information” section located on the ‘Menu Setting Page’ of the ‘Reports’ section of their device settings.
New firmware for affected printers can, as ever, be obtained from Lexmark’s driver download portal (opens in new tab) and, depending on the operating system of a user’s PC such as Windows or Linux, be installed either via USB or via network methods such as the File Transfer Protocol (FTP).
Those who, for whatever reason, can’t apply the firmware update are advised to disable the web services feature, blocking the exploit albeit at the expense of the device's internet-connected functionality.
To do this, users should navigate to the “Network/Ports” section of the settings menu, then the “TCP/IP” option, followed by the “TCP/IP Port Access” menu, before disabling “TCP 65002 (WSD Print Service)”.
> Bitdefender wants to help secure your office printer (opens in new tab)
> Old printer not working with Windows 11? Try this (opens in new tab)
> Check out our list of the best workgroup printers right now (opens in new tab)
Whether it’s a printer, a phone, a fridge, or anything else, devices capable of being connected to the internet can pose a risk to network security and the identities of users, and should be updated regularly.
Businesses and prosumers alike are advised to use separate, randomly generated passwords, stored in a password manager, across all their devices to decrease the chances of attackers using RCE exploits to invade a network. In addition, they could avoid a wireless printer altogether.
- Here’s our list of the best small business firewalls right now