Lexmark offers fix for security vulnerability

Art PostAdmin VIP

Lexmark offers fix for security vulnerability

A security researcher, Peter Geissler, dropped a zero-day remote code execution (RCE) chain of vulnerabilities affecting Lexmark MFPs/printers after claiming the disclosure reward he was offered was “laughable”.

In a tweet dated January 10, Geissler published a link to a GitHub repository containing information on the vulnerability chain.
several isolated or “seemingly harmless” functions could be exploited to “eventually fully compromise the device”.
issue impacts over 100 models but has now been patched by Lexmark (owned by Ninestar of China)

2/7/239:08 PM

❤️ 0

Original Post

Add Reply

Sign In To Reply

<ul id="{%=id%}ButtonGroup" class="button-group h-popup-buttons even-button-group even-1">
    <li id="{%=id%}Okay_buttonContainer"><a id="{%=id%}Okay" href="javascript:void(0);" class="button success no-margin-bottom h-alert-modal-ok-button" role="button">OK</a><script type="text/javascript">
        (function() {
            function {%=id%}Okay_click(event, data) {
            {%=id%}Popup.hide();
        }
        
                $('#{%=id%}Okay').on('click', {%=id%}Okay_click);
        })();
    </script></li></ul><a href="javascript:void(0);" class="close-reveal-modal" aria-label="Close Modal">&#215;</a><div class="last-modal-focus focus-utility-element" tabindex="0"></div>
</div>
<script type="text/javascript">
        (function() {
            {%=id%}Popup = new SS.Popup.ModalPopup('{%=id%}');
        })();
    </script>

Skip to main content

Lexmark offers fix for security vulnerability

Add Reply

Membership Required

Remove From Your Block List

Manage Follow Preferences

Block

Premium Membership Required

VIP/Premium Membership

Please wait...