Lexmark has published several security advisories about recently disclosed vulnerabilities in Lexmark print software and firmware. Patches are provided, and customers are asked to update their devices and software immediately to protect them from potential attacks.
Description:
- Vulnerabilities were found in Lexmark's print management software, embedded web servers and firmware.
- Lexmark says that it is not aware of exploits in the wild.
- Security patches are available.
Two of the security vulnerabilities have received a critical severity rating.
Critical vulnerability in the Lexmark Print Management Client
Quick solution: Update the client software to version 3.5.0.0 or later.
The CVSS rating of CVE-2025-1126 is 9.3. It is a vulnerability in the Lexmark Print Management Client. Lexmark confirms that the problem affects the software on Windows, macOS and Linux.
Lexmark describes it as a reliance on untrusted inputs vulnerability in the client, but does not provide additional information in the security advisory. Successful exploitation may launch arbitrary processes under SYSTEM or root credentials, or delete folders, including folders that usually require administrator or other elevated permissions to access.
The security issue affects versions 3.0.0 to 3.4.0 of the Lexmark Print Management Client. Lexmark recommends that affected customers update to the latest version of the client software. The process is explained on the Lexmark support website.
Critical vulnerability in the embedded web server
Quick solution: Set a password to prevent unauthorized access and update the firmware.
CVE-2024-11348 is the second critical vulnerability. It has a CVSS base score of 9.1. Lexmark describes it as a “combination path traversal and concurrent execution vulnerability” in the embedded web server of various Lexmark devices.
Successful exploitation of this issue can lead to remote execution of arbitrary code on vulnerable devices. Lexmark lists all affected printers in a support document.
Lexmark recommends updating the firmware of the affected printers. Administrators can also set a password on an affected device to prevent unauthorized users from exploiting the vulnerability. Lexmark says that users are encouraged to set the password during initial setup.
Four vulnerabilities were rated high
Quick solution: Lexmark recommends upgrading the firmware of the affected devices, provided that a firmware upgrade is available.
Lexmark also confirmed four security issues in the PostScript interpreter of the company’s devices.
- CVE-2024-11344 – A type confusion vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
- CVE-2024-11345 – A heap-based memory vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
- CVE-2024-11346 – A type confusion vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
- CVE-2024-11347 – An integer overflow vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
The vulnerabilities can be exploited to execute arbitrary code as an unprivileged user. Upgrading the firmware resolves the security issues.