Security researchers have uncovered a severe vulnerability in Lexmark printer firmware that impacts over 150 models and allows remote execution of malicious code. The flaw combines path traversal and race conditions, posing significant risks for enterprise and healthcare environments.
Key points
- A critical vulnerability (CVE-2025-1127) affects multiple Lexmark printer and multifunction device series and carries a CVSS score of 9.1.
- The flaw involves improper path validation and race conditions in the embedded web server, enabling remote code execution.
- Exploiting the vulnerability requires network access and valid credentials, with default passwords increasing risk.
- Lexmark has released firmware updates across 38 product families to address the issue, urging immediate deployment.
- Security experts warn that unpatched devices could enable lateral movement in corporate networks, especially in sensitive sectors like healthcare and finance.
Read More: https://gbhackers.com/critical-vulnerability-in-lexmark-printers/