More than 150 models of Lexmark printers need a firmware update, following the disclosure of four critical remote code execution (RCE) vulnerabilities.
The bugs were reported through Trend Micro’s Zero Day Initiative (ZDI), with credited individuals including Sina Kheirkhah of Summoning Team; Chris Anastasio; Team PHPHooligans members Rick de Jager, Carlo Meijer and Jonathan Jagt; and Team Viettel.
CVE-2023-50737 [pdf] is a bug in the SE menu, which Lexmark said “contains information used by Lexmark to diagnose device errors”.
One of the menu routines can be exploited to run arbitrary code, the advisory stated, and the vulnerability carries a critical CVSS score of 9.1.
Lexmark said the SE menu should be restricted to trusted users only.
The vulnerable printers also have three vulnerabilities in their PostScript interpreters: CVE-2023-50736 [pdf], CVE-2023-50735 [pdf], and CVE-2023-50734 [pdf], all of which carry a critical CVSS score of 9.0.
The PostScript vulnerabilities have no workarounds; firmware updates are needed.
