Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’

siteadmin February 1, 2023

Security researcher Peter Geissler discovered a zero-day remote code execution vulnerability that could potentially affect over 100 Lexmark printer models. He claimed the reward for disclosing it was too low, so he chose to disclose the bug publicly. Although it has since been patched, Geissler suggests this example highlights the need for improvements in vulnerability reward programs.