What should you do now about Lexmark printer vulnerabilities CVE-2025-65082 and CVE-2025-65083?
If you manage Lexmark printers, plan a quick firmware review. Two ESF-related security issues—CVE-2025-65082 (CVSS 8.8) and CVE-2025-65083 (CVSS 9.3)—were publicly disclosed in late January 2026, and Lexmark has published advisories plus device firmware updates.
CVE-2025-65083 is rated the more severe of the two, and Lexmark’s advisory states that successful exploitation can allow remote execution of arbitrary code on the device. CVE-2025-65082 is also high severity, and Lexmark has documented impact details and affected models in its advisory.
What to do next
- Identify affected models in your fleet using Lexmark’s advisory list and “Current Advisories” page.
- Apply the relevant firmware updates from Lexmark for each affected device as soon as operationally possible.
- Treat these as priority patches if devices are reachable over internal networks where attackers could laterally move to printers.