Xerox Printers Vulnerability Let Attackers Remotely Takeover Devices
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Multiple Xerox printer models have been found to have a severe security vulnerability, which allows attackers with administrative access to completely take control of the devices.
According to SEC Consult, the high-severity flaw tracked as CVE-2024-6333 affects various printer lines, including EC80xx, AltaLink, VersaLink, and WorkCentre series.
The security flaw enables authenticated attackers to execute arbitrary commands with root privileges on the printer’s operating system through the device’s web interface.
This remote code execution (RCE) vulnerability exists in the “Network Troubleshooting” menu, where administrators can configure network troubleshooting settings using the tcpdump tool.
network troubleshooting feature Exploited (Source : SEC Consult)
The vulnerability stems from insufficient input validation in the IPv4 address field of the network troubleshooting feature.
Attackers can inject malicious OS commands into the tcpdump command string, leading to complete system compromise.
Combined with previously patched vulnerabilities, this could allow attackers to establish persistent access to affected devices.
The vulnerability has been assigned a severity score of 7.2 (HIGH) on the CVSS scale. Affected devices include:
Mitigation Steps
Security researchers strongly recommend that organizations take immediate action by:
SEC Consult’s Vulnerability Lab made the discovery, emphasizing the importance of proper security maintenance for network-connected printing devices.
Organizations using affected Xerox printers should prioritize these updates to protect their infrastructure from potential exploitation.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Xerox Printers Vulnerability Let Attackers Remotely Takeover Devices
Author: Guru BaranMultiple Xerox printer models have been found to have a severe security vulnerability, which allows attackers with administrative access to completely take control of the devices.
According to SEC Consult, the high-severity flaw tracked as CVE-2024-6333 affects various printer lines, including EC80xx, AltaLink, VersaLink, and WorkCentre series.
The security flaw enables authenticated attackers to execute arbitrary commands with root privileges on the printer’s operating system through the device’s web interface.
This remote code execution (RCE) vulnerability exists in the “Network Troubleshooting” menu, where administrators can configure network troubleshooting settings using the tcpdump tool.
network troubleshooting feature Exploited (Source : SEC Consult)The vulnerability stems from insufficient input validation in the IPv4 address field of the network troubleshooting feature.
Attackers can inject malicious OS commands into the tcpdump command string, leading to complete system compromise.
Combined with previously patched vulnerabilities, this could allow attackers to establish persistent access to affected devices.
The vulnerability has been assigned a severity score of 7.2 (HIGH) on the CVSS scale. Affected devices include:
- AltaLink B8045/B8055/B8065/B8075/B8090 series
- AltaLink C8030/C8035/C8045/C8055/C8070 series
- Various VersaLink and WorkCentre models
Mitigation Steps
Security researchers strongly recommend that organizations take immediate action by:
- Installing the latest security updates detailed in Xerox Security Bulletin XRX24-015.
- Ensuring all previous security patches are applied, including those from bulletin XRX23-020.
- Conducting thorough security reviews of their printer infrastructure.
SEC Consult’s Vulnerability Lab made the discovery, emphasizing the importance of proper security maintenance for network-connected printing devices.
Organizations using affected Xerox printers should prioritize these updates to protect their infrastructure from potential exploitation.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
