Wednesday, January 22, 2025
HomeCVE/vulnerabilityXerox Printers Vulnerable to Remote Code Execution Attacks

Xerox Printers Vulnerable to Remote Code Execution Attacks

Published on

SIEM as a Service

Follow Us on Google News

Multiple Xerox printer models, including EC80xx, AltaLink, VersaLink, and WorkCentre, have been identified as vulnerable to an authenticated remote code execution (RCE) attack.

This vulnerability tracked as CVE-2024-6333, poses a significant risk, fully allowing attackers with administrative web credentials to compromise affected devices with root privileges. 

Timo Longin from SEC Consult’s Vienna office and Tamas Jos from the Zurich office discovered the vulnerability. It enables an attacker to execute arbitrary commands on the printer’s operating system.

The flaw lies in the “Network Troubleshooting” menu of the web interface, which uses the tcpdump tool. Insufficient input validation allows attackers to inject operating system commands into the tcpdump command string by manipulating the IPv4 address value.

National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now

 

Exploiting the network troubleshooting feature
Exploiting the network troubleshooting feature

For instance, by setting the IPv4 address to “0.0.0.0$(bash $TMP~cmd)”, commands stored in “/tmp/~cmd” can be executed when initiating a network troubleshooting session.

This exploit can be further leveraged to establish a reverse shell, granting attackers full access to the printer’s system. 

Reverse Shell
Reverse Shell

The vulnerability affects several Xerox printer models. Specifically those not updated to the latest firmware versions.

Xerox WorkCentre 7970 (073.200.167.09610) and WorkCentre 7855 (073.040.167.09610) were among the initially tested models found vulnerable. 

SEC Consult has urged Xerox to address this critical security issue promptly. Customers are advised to install the latest updates and review Xerox’s security note XRX24-015 for detailed guidance on mitigating this vulnerability.

Additionally, SEC Consult recommends a comprehensive security review of Xerox products to identify and resolve potential further security issues. 

Xerox, a leader in office and production print technology with a growing presence in digital and IT services, has emphasized its commitment to redefining workplace experiences and empowering client success through innovative solutions.

Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Ex-CIA Analyst Pleaded Guilty For Leaking Top Secret National Defense Information

A former CIA analyst, Asif William Rahman, has pleaded guilty to charges of retaining...

Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet

 The Mirai botnet unleashed a record-breaking Distributed Denial of Service (DDoS) attack on October...

Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education

AI SPERA, a leading Cyber Threat Intelligence (CTI) provider, has collaborated with OnTheHub, a...

SQL Injection Vulnerability in Microsoft’s DevBlogs Lets Hackers Injecting Malicious SQL

In a recent discovery, a security researcher uncovered a critical SQL injection vulnerability on...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Ex-CIA Analyst Pleaded Guilty For Leaking Top Secret National Defense Information

A former CIA analyst, Asif William Rahman, has pleaded guilty to charges of retaining...

Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet

 The Mirai botnet unleashed a record-breaking Distributed Denial of Service (DDoS) attack on October...

Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education

AI SPERA, a leading Cyber Threat Intelligence (CTI) provider, has collaborated with OnTheHub, a...