Lexmark Security Advisories

Security advisories for Lexmark devices

Lexmark’s ultimate goal is to produce software and hardware that is free from security-related vulnerabilities. However, the sheer complexity of the code in its products means that security-related issues in released products must still be addressed. Lexmark’s software and hardware products contain hundreds of files, thousands of objects, and tens of millions of lines of code, and a product that was released with no known vulnerabilities may have new vulnerabilities identified over time. This can be due to a previously unidentified vulnerability found in custom code written by Lexmark, in a common shared system library, or in a third-party library integrated into the Lexmark software or firmware. Lexmark’s security staff and experts monitor multiple channels for the identification of new security vulnerabilities, including internal review, customer service, the security-focused press, security-related academic research, and technical alerts from organizations such as the NIST National Vulnerability Database and the US Computer Emergency Readiness Team (US-CERT). Additionally, Lexmark uses scanning tools during the implementation phase that scan source code for out-of-date or vulnerable shared libraries.

Registration

Sign up here for the latest security alerts.

Identification Process

When new vulnerabilities are identified which might affect Lexmark’s products, they are addressed via the following process:

1. The vulnerability is analyzed to determine if it affects the product. (Vulnerabilities found in shared system or third-party code libraries may not apply, depending on the way the code is used in the system.)

2. Lexmark’s security staff determines if the exploit mechanism for the vulnerability is possible in Lexmark’s implementation.

3. If yes, then the security bug is scored using the industry standard Common Vulnerability Scoring System (CVSS). Note: The severity score published in a technical alert may score differently in specific implementations.

4. Internal processes are initiated to log, track, patch, and test the bug fix, and updated code is provided via a patch process.

5. If the CVSS score warrants, Lexmark will issue a security advisory for the products affected.

Additional details can be found in our Secure Software Development Lifecycle (SSDL) Whitepaper.

Submitting an issue

For product security vulnerabilities affecting Lexmark printers, send an e-mail to securityalerts@lexmark.com.

You may use Lexmark's PGP key to encrypt sensitive information; our PGP public key is available for download. Please also include your PGP key so we may communicate with you on sensitive issues.


A Server-Side Request Forgery (SSRF) vulnerability exists in newer Lexmark devices (CVE-2023-50733)
A Server-Side Request Forgery (SSRF) vulnerability exists in newer Lexmark devices.

Buffer Overflow Vulnerability (CVE-2023-50739)
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices.

Firmware Downgrade Prevention Vulnerability (CVE-2023-50738)
A firmware downgrade prevention vulnerability has been identified in newer Lexmark devices.

Postscript Buffer Overflow (CVE-2023-50734)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

Postscript Heap Corruption (CVE-2023-50735)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

Postscript Memory Corruption (CVE-2023-50736)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

Input Validation Vulnerability (CVE-2023-50737)
An input validation vulnerability in the SE Menu has been identified in Lexmark devices.

XML external entity vulnerability (CVE-2023-40239)
An XML external entity (XXE) vulnerability exists in older Lexmark devices.

Postscript Buffer Overflow (type confusion) (CVE-2023-26063)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

Postscript Buffer Overflow (out of bounds write) (CVE-2023-26064)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

Postscript Buffer Overflow (integer overflow) (CVE-2023-26065)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

Postscript Buffer Overflow (improper stack validation) (CVE-2023-26066)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

Input validation vulnerability (CVE-2023-26067)
An input validation vulnerability allows an attacker who has already compromised an affected Lexmark device to escalate privileges.

Embedded Web Server input sanitization vulnerability (CVE-2023-26068)
The embedded web server fails to properly sanitize input data which can lead to remote code execution.

Web API input validation vulnerability (CVE-2023-26069)
A web API input validation vulnerability exists in newer Lexmark devices.

SNMP input validation vulnerability (CVE-2023-26070)
An input validation vulnerability exists in SNMP in various Lexmark devices.

Account Lockout bypass (CVE-2023-22960)
This vulnerability allows an attacker to bypass protections on the device that protect local accounts against brute-force guessing attacks.

Server Side Request Forgery (CVE-2023-23560)
A Server-Side Request Forgery (SSRF) vulnerability exists in newer Lexmark devices.

jQuery vulnerability (CVE-2019-11358)
jQuery contains a vulnerability that can lead to a denial of service, remote code execution, or property injection.

Compromised device remains vulnerable after firmware update (CVE-2022-29850)
An attacker who has already compromised an affected Lexmark device can maintain persistence across reboots.

SpringShell (and/or Spring4Shell) vulnerabilities (CVE-2022-22965, CVE-2022-22963)
Lexmark hardware and software products are not impacted by the SpringShell vulnerability.

Initial setup menus apply insufficient permissions (CVE-2022-24935)
The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “Firmware Updates” feature.

Postscript Buffer overflow (CVE-2021-44738)
A vulnerability has been identified in the Postscript interpreter in various Lexmark devices.

PJL directory traversal vulnerability (CVE-2021-44737)
Various Lexmark devices have a directory traversal vulnerability that can be leveraged to overwrite internal configuration files.

Initial setup menus apply insufficient permissions (CVE-2021-44736)
The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “out of service erase” feature.

Embedded web server command injection vulnerability (CVE-2021-44735)
The embedded web server in various Lexmark devices contains a command injection vulnerability.

Embedded web server input sanitization vulnerability (CVE-2021-44734)
The embedded web server in Lexmark devices fails to properly sanitize input data which can lead to remote code execution on the device.

Apache Log4j Vulnerabilities (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105)
This document lists Lexmark products that may be impacted by the Log4j vulnerability. Any product not listed is still under review for impact.

Lexmark Security Advisory: Local Escalation of Privilege in the Lexmark Universal Print Driver (CVE-2021-35449)
The Lexmark Universal Print Driver contains a local escalation of privilege vulnerability.

Lexmark Security Advisory: Unquoted Service Path in Lexmark Printer Software G2, G3 and G4 Installation Packages (CVE-2021-35469)
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path.

Lexmark Security Advisory: Security jumper race condition in the MX6500 (CVE-2020-35546)
The access control settings on an MX6500 may reset during a power on or reboot.

Lexmark Security Advisory: Wifi Chip Driver Vulnerability (CVE-2019-14816)
A vulnerability was found in the WiFi chip driver used in Lexmark devices.

Lexmark Security Advisory: Cross Site Request Forgery Vulnerability (CVE-2020-13481)
A stored cross site scripting vulnerability has been identified in Lexmark devices.

Lexmark Security Advisory: Cross Site Request Forgery Vulnerability (CVE-2020-10095)
Lexmark devices' embedded web server contains a cross site request forgery vulnerability that allows device configuration to be altered without authorization.

Lexmark Security Advisory: TLS Protocol Vulnerability (CVE-2019-1559)
A TLS padding oracle vulnerability exists in Lexmark devices.

Lexmark Security Advisory: Stored Cross Site Scripting Vulnerabilities (CVE-2020-10093, CVE-2020-10094)
Two stored cross site scripting vulnerabilities have been identified on older Lexmark devices.

Lexmark Security Advisory: Cross Site Scripting vulnerabilities (CVE-2019-19772, CVE-2019-19773)
Two Cross Site Scripting vulnerabilities have been identified in older Lexmark devices.

Stored Cross Site Scripting Vulnerability (CVE-2019-18791)
A stored cross site scripting vulnerability has been identified in older Lexmark devices.

Lexmark Service Monitor directory traversal vulnerability (CVE-2019-16758)
Lexmark Services Monitor (LSM) contains a directory traversal vulnerability that can be exploited to extract files from the system on which LSM is installed.

SNMP Denial of Service Vulnerability (CVE-2019-9931)
Some Lexmark printers contain a vulnerability in their SNMP service that can be exploited to crash the device.

Lexmark Overflow Vulnerabilities (CVE-2019-9930, CVE-2019-9932, CVE-2019-9933)
Many older Lexmark devices contain overflow vulnerabilities that can lead to execution of arbitrary code on the device.

Cross Site Request Forgery (CVE-2019-10057)
The embedded web server in some older Lexmark devices contains a cross site request forgery vulnerability that allows a local account password to be changed without the knowledge of the authenticated user.

Account Lockout (CVE-2019-10058)
Account lockout functionality is missing from a few older Lexmark devices.

Information Disclosure via finger service (CVE-2019-10059)
The finger service provides unauthenticated access to device diagnostic information and should be disabled.

Information Disclosure Vulnerability (CVE-2019-9934, CVE-2019-9935)
A few older Lexmark devices did not restrict access to sensitive menus in the embedded web server.

Shortcut Integrity vulnerability (CVE-2019-6489)
Many older Lexmark multi-function devices contain a vulnerability that allows an unauthenticated user to purge stored shortcuts.

Information Disclosure Vulnerability (CVE-2017-13771)
Network credentials are exposed by the Scan to Network app in some Lexmark devices.

Information Disclosure Vulnerability (CVE-2018-17944)
Credentials to external LDAP and SMTP servers stored in Lexmark devices can be extracted by the device administrator.

Directory Traversal Vulnerability (CVE-2018-18894)
A directory traversal vulnerability has been identified in the embedded web server used in older generation Lexmark devices. The vulnerability allows unauthenticated access to sensitive files on the device.

Apache Tomcat vulnerability (CVE-2018-8037)
Markvision Enterprise (MVE) uses Apache Tomcat which is vulnerable to an information disclosure bug that could allow an attacker to reuse session credentials from a previous user’s session in a new session.

Apache Tomcat Vulnerability (CVE-2018-1336)
Markvision Enterprise (MVE) uses Apache Tomcat which is vulnerable to a bug that could allow an attacker to cause MVE to enter an infinite loop and produce a denial of service condition.

Buffer Overflow Vulnerability (CVE-2018-15519, CVE-2018-15520)
Lexmark has identified a buffer overflow vulnerability in the handling of color fax jobs on some models of multi-function devices. This vulnerability allows an attacker with crafted fax data to create a denial of service condition, and in some situations to execute arbitrary code on an affected device.

Markvision Enterprise is vulnerable to Spring Data REST 2.6.6 (CVE-2017-8046)
Markvision Enterprise (MVE) uses Spring Data REST 2.6.6, which is vulnerable to malicious HTTP PATCH requests: specially crafted JSON data will run arbitrary Java code.

KRACK Vulnerabilities (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, and CVE-2017-13088)
Lexmark has learned of a series of weaknesses in WPA2, the protocol that secures all modern protected WiFi networks. This vulnerability can allow the disclosure of information that was assumed to be safely encrypted.

Pivotal Spring-LDAP vulnerability (CVE-2017-8028)
Markvision Enterprise contains a vulnerability when configured to use TLS binding for LDAP that allows clients to logon with a valid username and any arbitrary password.

Spectre and Meltdown Vulnerabilities (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754)
Lexmark has learned of a series of vulnerabilities reported in several CPUs that perform speculative execution. The vulnerabilities could at worst be used by an attacker to read arbitrary virtual memory across security boundaries. Lexmark devices are not affected by these vulnerabilities.

Orpheus' Lyre Vulnerability (CVE-2017-11103)
A vulnerability in Heimdal (an implementation of Kerberos 5) before release 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification.

WannaCry Ransomware Vulnerability (MS17-010, CVE-2017-0143)
Lexmark devices are not vulnerable to WannaCry ransomware or to the following associated exploits: EternalBlue, EternalSynergy, EternalRomance, EternalChampion. This attack propagates through Microsoft SMBv1 servers.

Linux kernel udp.c vulnerability (CVE-2016-10229)
A vulnerability in udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic on affected devices.

Xalan Java Vulnerability (CVE-2014-0107)
Markvision Enterprise contains a vulnerability that allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources.

File Upload Vulnerability (CVE-2016-3092)
Markvision Enterprise contains a vulnerability that allows remote attackers to cause a denial of service.

Remote code execution vulnerability (CVE-2016-6918)
Markvision Enterprise contains a vulnerability that allows an unauthenticated remote attacker to upload files and execute arbitrary commands with the privilege of the Markvision Enterprise application.

XLS parsing buffer overflow vulnerability (CVE-2016-4335)
A vulnerability was discovered in the XLS parsing function that provides the potential for an attacker to execute arbitrary code on affected devices.

Arbitrary code execution vulnerabilities in Lexmark Perceptive Document Filters (CVE-2016-5646, CVE-2016-4336, CVE-2016-4335)
Lexmark has learned of three separate vulnerabilities in Lexmark Perceptive Document Filters that, under certain circumstances, could lead to arbitrary code execution.

Out of Service Memory Erase Failure (CVE-2016-3145)
Under certain circumstances some Lexmark printers will fail to erase stored information when requested.

Glibc Getaddrinfo() Stack Buffer Overflow (CVE-2015-7547)
Lexmark has learned of a vulnerability in the “glibc” client side resolver library that provides the potential for an attacker to execute arbitrary code on an affected system.

Markvision Java Serialization Vulnerability (CVE-2016-1487)
Markvision Enterprise contains a vulnerability that allows for unauthenticated remote execution of commands on the MVE server.

Race Condition During Initialization (CVE-2016-1896)
Under certain circumstances during initialization, some Lexmark printers have a race condition that allows unauthenticated access to device functions.

Logjam Vulnerability in Diffie-Hellman Key Exchange (CVE-2015-4000)
Lexmark has learned of a vulnerability in some implementations of the SSL/TLS protocol that allows an attacker to compromise communications over that protocol.

FREAK: Factoring Attack on RSA-Export Vulnerability (CVE-2015-0204)
Lexmark has learned of a vulnerability in some implementations of the SSL/TLS protocol that allows an attacker to compromise communications over that protocol.

GHOST Glibc Buffer Overflow Vulnerability (CVE-2015-0235)
Lexmark has learned of a vulnerability in the "glibc" library that provides the potential for an attacker to execute arbitrary code on an affected system.

Markvision Input Validation Vulnerability (CVE-2014-9375)
Markvision Enterprise contains a vulnerability that allows uploaded ZIP files to be unpacked into arbitrary locations.

Markvision Remote Code Execution Vulnerability (CVE-2014-8741)
MarkVision Enterprise contains a vulnerability that allows an unauthenticated remote attacker to upload files and execute arbitrary commands with the privilege of the MarkVision Enterprise application.

Markvision Input Validation Vulnerability (CVE-2014-8742)
MarkVision Enterprise contains a vulnerability that allows an unauthenticated remote attacker to download arbitrary files from the MarkVision Enterprise platform.

POODLE Vulnerability (CVE-2014-3566)
Lexmark has learned of a vulnerability in the SSLv3 protocol which allows an attacker with the ability to intercept and insert traffic (Man-In-The-Middle) to decrypt a portion of the encrypted communication.

Bash "shellshock" Vulnerabilities (CVE-2014-6271)
Lexmark has learned of a series of vulnerabilities in the open-source bash shell program that allow an attacker to execute arbitrary commands on a vulnerable system. No Lexmark devices or software products are affected by these vulnerabilities.

Open SSL CCS Injection Vulnerability (CVE-2014-0224)
Lexmark has learned of a group of vulnerabilities in certain versions of the open-source OpenSSL library that can be exploited by a Man-In-The-Middle attack. Multiple Lexmark products are affected by this vulnerability.

Open SSL Heartbleed Vulnerability (CVE-2014-0160)
Lexmark has learned of a vulnerability in certain versions of the open-source OpenSSL Library that allows unauthenticated access to private memory of printer devices and computer systems. Multiple Lexmark products are affected by this vulnerability.

HTML injection vulnerability (CVE-2013-6033)
Some Lexmark Printers do not properly sanitize user supplied values for the "Contact" and "Location" settings. This vulnerability can be exploited to execute arbitrary HTML or script code in the browser of anyone viewing the device's embedded web server.

Password Reset vulnerability (CVE-2013-6032)
Some Lexmark Printers and MarkNet devices will fail to authenticate a specially crafted password reset request. This vulnerability can be exploited to bypass authentication configured on the device.

Markvision Unauthorized access vulnerability (CVE-2013-3055)
Markvision Enterprise contains a vulnerability that allows an unauthenticated remote attacker to access and modify configuration data and fleet management information, in addition to executing commands within the application.

Information leakage vulnerability (CVE-2011-4538)
Some Lexmark Multifunction Devices include sensitive configuration values in exported settings files. This vulnerability can be exploited to enable unauthorized disclosure of device configuration information.

Email shortcut vulnerability Security Vulnerability (CVE-2011-3269)
Some Lexmark Multifunction Devices allow the creation of email shortcuts that contain hidden recipients. This vulnerability can be exploited to enable unauthorized personnel to receive a covert copy of email sent by the device using the modified shortcut.

PJL Remote Buffer Overflow Security Vulnerability (CVE-2010-0619)
Some Lexmark Laser Printers contain remote buffer overflow vulnerabilities in their PJL processing functionality. These vulnerabilities could potentially lead to remote code execution, but no malicious use of this vulnerability is known.

FTP Denial of Service Security Vulnerability (CVE-2010-0618)
Some Lexmark Printers and MarkNet devices contain denial of service vulnerabilities in the FTP service. These vulnerabilities can be exploited with repeated aborted FTP connections to the printer, causing the printer to ignore incoming TCP network connections to multiple services.

HTTP Denial of service vulnerability (CVE-2010-0101)
Some Lexmark Printers and MarkNet Devices contain a denial of service vulnerability in their HTTP service. This vulnerability can be exploited to crash the printer.

SSL Denial of service vulnerability (CVE-2004-0079)
Some Lexmark Printers and MarkNet Devices contain a denial of service vulnerability in their SSL/TLS processing. This vulnerability can be exploited to crash the printer.