Login Sign Up

CVE-2023-26070

9.8 CRITICAL
Remote Code Execution

📋 TL;DR

This CVE describes an input validation vulnerability in certain Lexmark devices that could allow remote attackers to execute arbitrary code or cause denial of service. The vulnerability affects Lexmark devices with firmware versions through February 19, 2023. Organizations using affected Lexmark printers and multifunction devices are at risk.

💻 Affected Systems

Products:
  • Lexmark printers and multifunction devices
Versions: Firmware versions through 2023-02-19
Operating Systems: Embedded printer firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Specific device models not detailed in public advisory; check Lexmark's security alert for complete list.

📦 What is this software?

Cslbl Firmware by Lexmark

View all CVEs affecting Cslbl Firmware →

Cslbn Firmware by Lexmark

View all CVEs affecting Cslbn Firmware →

Cslbn Firmware by Lexmark

View all CVEs affecting Cslbn Firmware →

Csnzj Firmware by Lexmark

View all CVEs affecting Csnzj Firmware →

Csnzj Firmware by Lexmark

View all CVEs affecting Csnzj Firmware →

Csnzj Firmware by Lexmark

View all CVEs affecting Csnzj Firmware →

Cstpc Firmware by Lexmark

View all CVEs affecting Cstpc Firmware →

Cstzj Firmware by Lexmark

View all CVEs affecting Cstzj Firmware →

Cxlbl Firmware by Lexmark

View all CVEs affecting Cxlbl Firmware →

Cxlbn Firmware by Lexmark

View all CVEs affecting Cxlbn Firmware →

Cxtmm Firmware by Lexmark

View all CVEs affecting Cxtmm Firmware →

Cxtpc Firmware by Lexmark

View all CVEs affecting Cxtpc Firmware →

Cxtzj Firmware by Lexmark

View all CVEs affecting Cxtzj Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lhs60 Firmware by Lexmark

View all CVEs affecting Lhs60 Firmware →

Lp Firmware by Lexmark

View all CVEs affecting Lp Firmware →

Lp Firmware by Lexmark

View all CVEs affecting Lp Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lr Firmware by Lexmark

View all CVEs affecting Lr Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Lw80 Firmware by Lexmark

View all CVEs affecting Lw80 Firmware →

Mslbd Firmware by Lexmark

View all CVEs affecting Mslbd Firmware →

Mslsg Firmware by Lexmark

View all CVEs affecting Mslsg Firmware →

Msngm Firmware by Lexmark

View all CVEs affecting Msngm Firmware →

Msngw Firmware by Lexmark

View all CVEs affecting Msngw Firmware →

Mstgw Firmware by Lexmark

View all CVEs affecting Mstgw Firmware →

Mxlbd Firmware by Lexmark

View all CVEs affecting Mxlbd Firmware →

Mxlsg Firmware by Lexmark

View all CVEs affecting Mxlsg Firmware →

Mxngm Firmware by Lexmark

View all CVEs affecting Mxngm Firmware →

Mxtct Firmware by Lexmark

View all CVEs affecting Mxtct Firmware →

Mxtgm Firmware by Lexmark

View all CVEs affecting Mxtgm Firmware →

Mxtgw Firmware by Lexmark

View all CVEs affecting Mxtgw Firmware →

Mxtpm Firmware by Lexmark

View all CVEs affecting Mxtpm Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote unauthenticated attacker gains full control of the device, potentially pivoting to internal networks or deploying ransomware.

🟠

Likely Case

Remote code execution leading to device compromise, data exfiltration, or disruption of printing services.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls, potentially only denial of service.

🌐 Internet-Facing: HIGH - CVSS 9.8 indicates critical risk for internet-exposed devices.
🏢 Internal Only: HIGH - Even internally, vulnerable devices could be exploited via phishing or compromised internal hosts.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

CVSS 9.8 suggests low attack complexity; no public exploit code known at time of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware versions after 2023-02-19

Vendor Advisory: https://publications.lexmark.com/publications/security-alerts/CVE-2023-26070.pdf

Restart Required: Yes

Instructions:

1. Visit Lexmark support site. 2. Identify your device model. 3. Download latest firmware. 4. Apply firmware update via web interface or USB. 5. Reboot device.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate Lexmark devices to separate VLAN with restricted access.

Disable Unnecessary Services

all

Turn off unused network services on printer web interface.

🧯 If You Can't Patch

  • Implement strict network access controls to limit device exposure
  • Monitor device logs for suspicious activity and implement IDS/IPS rules

🔍 How to Verify

Check if Vulnerable:

Check firmware version in device web interface under Settings > General Settings > Device Information

Check Version:

N/A for embedded devices; use web interface or SNMP query

Verify Fix Applied:

Verify firmware version is newer than 2023-02-19 in device information page

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP requests to printer web interface
  • Firmware modification attempts
  • Unexpected device reboots

Network Indicators:

  • Suspicious traffic to printer ports (80, 443, 9100)
  • Unusual outbound connections from printer

SIEM Query:

source="lexmark-printer" AND (event_type="firmware_change" OR http_status="500" OR http_method="POST" AND uri_contains("config"))

📊 Metadata

CVE ID: CVE-2023-26070
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-20
Published: April 10, 2023
Last Updated: February 11, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-26070, you might also want to check these:

CVE-2022-47190 10.0

CVE-2022-47190 allows remote attackers to upload malicious firmware containing a webshell to Generex...

Same vulnerability type (CWE-20)
CVE-2024-3400 10.0

CVE-2024-3400 is a critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProte...

Same vulnerability type (CWE-20)
CVE-2023-42802 10.0

This critical vulnerability in GLPI allows attackers to upload malicious PHP files to unauthorized d...

Same vulnerability type (CWE-20)