PT-2022-6628 · Lexmark · Lexmark

Published: 2022-12-28 · Updated: 2025-02-11 · CVE-2023-26063

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Lexmark devices through 2023-02-19

Description

The issue is caused by accessing a resource using an incompatible type, which can lead to remote code execution. It is associated with the pagemaker firmware of Lexmark multifunction devices, specifically the handling of the NAME parameter. Exploitation of this issue may allow a remote attacker to execute arbitrary code.

Recommendations

For Lexmark devices through 2023-02-19, consider restricting access to the pagemaker service until a patch is available. As a temporary workaround, avoid using the NAME parameter in the affected service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Type Confusion

Related Identifiers

BDU:2023-02890
CVE-2023-26063
ZDI-23-663

Affected Products

Lexmark