Weakness in Xerox Printer SMB/FTP Configuration Management

CVE-2024-12511

What is CVE-2024-12511?

A security vulnerability in Xerox printers allows unauthorized modification of SMB and FTP settings through address book access. This can lead to redirected scans and the potential capture of sensitive credentials. The issue necessitates that scanning features and printer access are enabled, creating an exploit vector for malicious actors. Ensuring proper configuration and access controls is critical for safeguarding sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

News Articles

CVE-2024-12510CVE-2024-12511

Xerox Printer Vulnerabilities Enable Credential Capture

Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.

Dark Reading

CVE-2024-12510CVE-2024-12511

Xerox Printer Vulnerabilities Enable Credential Capture

Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.

Security Affairs

CVE-2024-12511CVE-2024-12510

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks.

More News...

References