Local Security Control Bypass in Xerox WorkCentre Devices
CVE-2006-6441

Currently unrated

Key Information:

Vendor: Xerox
Status: Workcentre 255; Workcentre 245; Workcentre 238; Workcentre 232
Vendor: CVE Published:; 10 December 2006

Summary

The identified vulnerability in Xerox WorkCentre and WorkCentre Pro devices allows local users to circumvent established security measures. This can be achieved by using alternative boot media, such as a USB thumb drive, enabling unauthorized access to the device's primary firmware. The affected versions include WorkCentre Pro prior to 12.050.03.000, 13.x prior to 13.050.03.000, and 14.x prior to 14.050.03.000. Users are advised to implement necessary security measures to mitigate the risks associated with this vulnerability.

References

http://secunia.com/advisories/23265

third-party-advisoryx_refsource_SECUNIA

http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v1...

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 10, 2006
Vulnerability Reserved
Dec 9, 2006