Corporate Member News

Zero-Day Discovery Within Lexmark Markvision Enterprise Application Discolosed by Digital Defense, Inc.

Digital Defense, Inc. (DDI), a leading provider of Vulnerability Management as a Service (VMaaS™), disclosed the discovery of two security vulnerabilities found in the Lexmark Markvision Enterprise application. The vulnerabilities can be leveraged to pull encrypted administrative credentials and decrypt with an obtainable static key, allowing remote administrative access to the interface. If exploited, a cybercriminal would have SYSTEM privileges to run remote code, retrieve arbitrary files, and perform denial of service potentially disrupting an organization’s operations.