According to a recent advisory, Lexmark printers currently contain a vulnerability that can lead to serious attacks on your network which are surprisingly easy to operate. Found in the Lexmark Printer Software G2 Installation package, the problem lies in an unquoted service-path vulnerability in the “LM__bdsvc” service, and can allow an attacker to execute arbitrary code. Fortunately, the vulnerability has not yet been exploited, and therefore is considered only a “risk”.
No patch yet exists for the printer’s software, so the vulnerability remains as of right now. However, Lexmark says that they are working on a fix.
And this isn’t the first time Lexmark printers have seen this type of problem; in 2017, researchers at NewSky Security warned of misconfigured printers that were left open to the internet and easily accessible to attack.
But printers aren’t the real problem here. Are you surprised to hear that a simple printer can serve as an entry point to your network? Our point is that most of us don’t tend to think of printers as being exploitable devices!
And yet, it’s true. Any device connected to your business network can offer an open door to attackers on the outside who are looking for opportunities. We focus quite a bit on computer systems, smart passwords, suspicious emails, and safe internet browsing… But that innocent-looking printer in the corner, or even security cameras and other devices, can also cause you trouble.
That’s why the rule of thumb is to protect your entire network, and every device on it. As we increasingly add more and more wireless and “smart” technology to our lives, the net of security must be cast even wider.
Contact us at 888-RING-MY-TECH to learn more about troubleshooting your systems, and installing the right level of protection to keep your data safe and your business running smoothly.
