Lexmark has released a security firmware update in response to a severe vulnerability that could lead to remote code execution on more than 100 models of its printers. Successful exploitation could allow an attacker to remotely execute arbitrary code on a device, which in turn could compromise sensitive data or lead to data loss.
The vulnerability, tracked as CVE-2023-23560, has a CVSSv3 base score of 9.0. It is a Server-Side Request Forgery (SSRF) vulnerability in the Web Services feature of newer Lexmark devices. A list of all affected models is available in Lexmark's Security Advisory. An attacker could use the issue to achieve arbitrary code execution on the device. At the moment there are no reports of the vulnerability being exploited in the wild; however, proof-of-concept (PoC) exploit code has been published, so you are strongly advised to update any vulnerable printers in your IT environment.
Update Vulnerable Lexmark Printers
As mentioned above, you can find a list of all affected printer models in Lexmark's security advisory. Lexmark strongly urges you to update the firmware of any vulnerable devices. The vulnerability affects all firmware versions numbered 081.233 or lower; these should be updated to the fixed version 081.234 or later. You can find your device's firmware level listed under "Device Information" in the "Settings" -> "Reports" -> "Menu Setting Page" menu on the operator panel.
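To turn the "081.233 or lower" rule into a repeatable check against an inventory export, the following added example (not Lansweeper's report or Lexmark's tooling) parses each device's firmware level numerically, so that version strings are never compared as plain text, and sorts hosts into "needs update", "up to date" and "could not determine". It assumes a constructed inventory, that the firmware level ends in a `NNN.NNN` pair possibly preceded by a product prefix, and still requires you to cross-check hosts against the advisory's model list.

```python
import re
from typing import List, Optional, Tuple

# Fixed version named in the Lexmark advisory; anything numerically lower is affected.
FIXED_VERSION = "081.234"

# Constructed sample inventory: hostnames, firmware levels and the prefixed format
# are illustrative assumptions, not data from the advisory.
SAMPLE_INVENTORY = [
    {"host": "prn-01", "firmware": "CXLBL.081.233"},  # assumed product prefix
    {"host": "prn-02", "firmware": "081.234"},
    {"host": "prn-03", "firmware": "081.225"},
    {"host": "prn-04", "firmware": "082.001"},
    {"host": "prn-05", "firmware": "unknown"},        # inventory gap, not a version
]

# Trailing "<digits>.<digits>" pair, e.g. the "081.233" in "CXLBL.081.233".
_VERSION_RE = re.compile(r"(\d+)\.(\d+)$")


def parse_firmware_level(level: str) -> Optional[Tuple[int, int]]:
    """Return the trailing (major, minor) pair as integers, or None if absent."""
    match = _VERSION_RE.search(level.strip())
    if not match:
        return None
    return int(match.group(1)), int(match.group(2))


def is_vulnerable(level: str, fixed: str = FIXED_VERSION) -> Optional[bool]:
    """True if level is numerically below the fixed version, None if unparseable."""
    parsed = parse_firmware_level(level)
    if parsed is None:
        return None  # surface for manual review rather than silently passing
    return parsed < parse_firmware_level(fixed)


def triage(inventory) -> Tuple[List[str], List[str], List[str]]:
    """Split hosts into (needs_update, up_to_date, unknown) lists."""
    needs_update, up_to_date, unknown = [], [], []
    for device in inventory:
        verdict = is_vulnerable(device["firmware"])
        if verdict is None:
            unknown.append(device["host"])
        elif verdict:
            needs_update.append(device["host"])
        else:
            up_to_date.append(device["host"])
    return needs_update, up_to_date, unknown


if __name__ == "__main__":
    for label, hosts in zip(("needs update", "up to date", "unknown"), triage(SAMPLE_INVENTORY)):
        print(f"{label}: {', '.join(hosts) or '-'}")
```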
Discover Vulnerable Devices
Based on the list of affected models shared by Lexmark, we have created a special Lansweeper report that lists all devices in your environment that could be affected by the vulnerability. This gives you an actionable list of devices that might require a patch.