Lexmark, a global provider of printing and imaging products, has issued a critical security advisory warning of a severe vulnerability affecting the embedded web servers in multiple Lexmark devices. The vulnerability is a combination of Path Traversal and Concurrent Execution flaws, which could allow a remote attacker to execute arbitrary code on the device.

Vulnerability Details
The vulnerability was reported through responsible disclosure by the DEVCORE Research Team via Trend Micro’s Zero Day Initiative (ZDI). According to Lexmark’s advisory, the flaw carries a CVSS v3.1 base score of 9.1, reflecting its high potential impact.
- CVSS Base Score: 9.1 (Critical)
- Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Successful exploitation requires an attacker to have high privileges but does not need user interaction, making it a serious concern for enterprise environments where these devices are often network-connected.
Impact
If exploited, the vulnerability could allow a remote attacker to execute arbitrary code on the affected device, potentially compromising sensitive data or disrupting device functionality. The vulnerability affects a range of Lexmark printers and multifunction device models.
Lexmark has emphasized that, to date, it has not observed any active exploitation of this vulnerability in the wild.
Affected Products
The list of affected devices is extensive. Users can determine their device’s firmware version by navigating to Settings → Reports → Menu Setting Page on the device’s operator panel. If the firmware level matches those listed in the “Affected Releases,” users are urged to upgrade to a “Fixed Release.”
A full list of affected models and firmware versions is available on Lexmark’s support site: https://support.lexmark.com/content/dam/support/collateral/security-alerts/CVE-2025-1127.pdf
Mitigation
Lexmark strongly recommends applying the firmware update to any impacted device. Firmware patches are available through Lexmark’s Technical Support Center. In addition, setting the administrative password that the device prompts for during initial setup reduces the risk by restricting unauthorized access.