CVE-2025-65081 is a medium-severity vulnerability categorized as CWE-125 (Out-of-bounds Read) found in the Postscript interpreter component of numerous Lexmark printer models, including MXTCT, MSNGM, MSTGM, and many others. The vulnerability arises when the Postscript interpreter improperly handles memory boundaries, allowing an attacker to read data outside the allocated buffer. This memory disclosure can be leveraged to execute arbitrary code on the device as an unprivileged user, potentially leading to full compromise of the printer's operating environment. The vulnerability is remotely exploitable over the network without requiring any authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and impacts on confidentiality, integrity, and availability at low to limited levels (VC:L, VI:L, VA:L). The affected products span a broad range of Lexmark printers widely used in enterprise and government environments. No patches or known exploits are currently available, but the vulnerability's nature suggests that exploitation could allow attackers to manipulate print jobs, intercept sensitive data, or use the printer as a foothold for lateral movement within networks. The flaw was reserved in November 2025 and published in February 2026, indicating recent discovery and disclosure.

The primary impact of CVE-2025-65081 is the potential for unauthorized code execution on affected Lexmark printers, which can lead to several security consequences. Confidentiality may be compromised as attackers could read sensitive memory contents, including print job data or device credentials. Integrity is at risk because arbitrary code execution allows modification of printer firmware or configuration, potentially enabling persistent backdoors or manipulation of print outputs. Availability could be affected if attackers disrupt printer operations or cause device crashes. Given that printers often reside within corporate or government networks, exploitation could serve as a pivot point for broader network compromise. Organizations relying heavily on Lexmark devices for critical document processing or operating in regulated sectors face heightened risks. The lack of authentication and user interaction requirements lowers the barrier for exploitation, increasing the threat to exposed devices. However, the absence of known exploits in the wild currently limits immediate widespread impact, though this may change as threat actors develop attack tools.

To mitigate CVE-2025-65081, organizations should implement a multi-layered approach beyond waiting for vendor patches. First, restrict network access to affected Lexmark printers by placing them on isolated VLANs or behind firewalls, limiting exposure to trusted management networks only. Disable or limit Postscript processing features if not essential, reducing the attack surface. Monitor network traffic for unusual or malformed Postscript data that could indicate exploitation attempts. Employ strict access controls and authentication mechanisms for printer management interfaces to prevent unauthorized configuration changes. Regularly audit and inventory printer firmware versions and configurations to quickly identify vulnerable devices. Engage with Lexmark for timely updates and apply patches immediately upon release. Consider deploying network intrusion detection systems with signatures tuned for Postscript interpreter anomalies. Finally, educate IT staff about this vulnerability to ensure rapid response to any suspicious activity related to printer operations.