Local File Inclusion Vulnerability in Xerox WorkCentre Devices
CVE-2018-20769

7.5HIGH

Key Information:

Vendor

Xerox
Status
Workcentre 3655i Firmware
Vendor
CVE Published:
10 February 2019

What is CVE-2018-20769?

A Local File Inclusion vulnerability exists in various Xerox WorkCentre devices, allowing unauthorized local file access for users. This security issue affects devices operating on firmware versions prior to R18-05 073.xxx.0487.15000, posing a risk to sensitive information and system integrity if exploited.

References

https://securitydocs.business.xerox.com/wp-content/upload...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.