A critical vulnerability, CVE-2021-44738, has been found in the PostScript interpreter of various Lexmark printers. The manufacturer warns about this vulnerability, which allows remote code execution, in a security advisory and provides firmware updates to close it. Here is an overview of the vulnerability.
I became aware of this security advisory, dated January 18, 2022, from Lexmark via this German tweet. Numerous Lexmark printers with PostScript support are affected by the critical vulnerability (CVE-2021-44738), including the B2338, B2442, B2546, B2650, C925, M3250 and XM1135 models, among others.
The vulnerability CVE-2021-44738 was discovered in the PostScript interpreter of several Lexmark devices and has a CVSSv3 base score of 9.0. A buffer overflow can occur in the PostScript interpreter, and an attacker can exploit it to execute arbitrary code. This is a particular concern on networks, because a compromised printer can then be used as a foothold for further attacks.
Lexmark has not published details about the vulnerability, and no attacks exploiting it are currently known. However, Lexmark provides firmware updates for the affected devices, which administrators should install promptly.
Whether a device is vulnerable can be determined from its firmware version. To check the firmware level of a device, Lexmark says to select "Settings" -> "Reports" -> "Settings Page Menu" on the control panel. If the firmware level listed under "Device Information" matches a level under "Affected Releases" in the security note, the firmware should be updated.