Xerox Printers Vulnerability Let Attackers Remotely Takeover Devices
Multiple Xerox printer models have been found to have a severe security vulnerability, which allows attackers with administrative access to completely take control of the devices.
According to SEC Consult, the high-severity flaw tracked as CVE-2024-6333 affects various printer lines, including EC80xx, AltaLink, VersaLink, and WorkCentre series.
The security flaw enables authenticated attackers to execute arbitrary commands with root privileges on the printer’s operating system through the device’s web interface.
National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now
This remote code execution (RCE) vulnerability exists in the “Network Troubleshooting” menu, where administrators can configure network troubleshooting settings using the tcpdump tool.
network troubleshooting feature Exploited (Source : SEC Consult)
The vulnerability stems from insufficient input validation in the IPv4 address field of the network troubleshooting feature.
Attackers can inject malicious OS commands into the tcpdump command string, leading to complete system compromise.
Combined with previously patched vulnerabilities, this could allow attackers to establish persistent access to affected devices.
The vulnerability has been assigned a severity score of 7.2 (HIGH) on the CVSS scale. Affected devices include:
AltaLink B8045/B8055/B8065/B8075/B8090 series
AltaLink C8030/C8035/C8045/C8055/C8070 series
Various VersaLink and WorkCentre models
Mitigation Steps
Security researchers strongly recommend that organizations take immediate action by:
Installing the latest security updates detailed in Xerox Security Bulletin XRX24-015.
Ensuring all previous security patches are applied, including those from bulletin XRX23-020.
Conducting thorough security reviews of their printer infrastructure.
SEC Consult’s Vulnerability Lab made the discovery, emphasizing the importance of proper security maintenance for network-connected printing devices.
Organizations using affected Xerox printers should prioritize these updates to protect their infrastructure from potential exploitation.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here
The post Xerox Printers Vulnerability Let Attackers Remotely Takeover Devices appeared first on Cyber Security News.