CyberSecurity news
FlagThis
Pierluigi Paganini@Security Affairs
//
Security vulnerabilities have been discovered in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials. The flaw, discovered by Rapid7 researcher Deral Heiland, enables malicious actors to intercept Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) authentication data through pass-back attacks. The vulnerabilities, tracked as CVE-2024-12510 and CVE-2024-12511, threaten organizations relying on these devices for printing, scanning, and document management.
Xerox has released firmware updates addressing these issues, urging customers to install patches immediately. Rapid7 recommends additional safeguards: restrict admin access to MFPs, disable unnecessary services like FTP, and implement network segmentation to isolate printers from critical AD infrastructure. The vulnerabilities underscore the risks of treating IoT devices as perimeter appliances rather than core network assets.
ImgSrc: securityaffairs
References :
Xerox has released firmware updates addressing these issues, urging customers to install patches immediately. Rapid7 recommends additional safeguards: restrict admin access to MFPs, disable unnecessary services like FTP, and implement network segmentation to isolate printers from critical AD infrastructure. The vulnerabilities underscore the risks of treating IoT devices as perimeter appliances rather than core network assets.
ImgSrc: securityaffairs
Share:
References :
- gbhackers.com: Critical security vulnerability in Xerox Versalink C7025 MFPs enables attackers to intercept authentication data via pass-back attacks via LDAP and SMB/FTP services.
- securityaffairs.com: Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers
- The Hacker News: Xerox printers have multiple vulnerabilities that could enable attackers to gain access to authentication credentials from LDAP and SMB services, potentially affecting enterprise networks.
- gbhackers.com: Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB
- Talkback Resources: Xerox Versalink Printer Vulnerabilities Enable Lateral Movement [exp] [net]
- www.scworld.com: Authentication credential compromise likely with Xerox VersaLink printer flaws
- securityonline.info: Xerox Versalink Printers Vulnerable to Pass-Back Attacks, Credentials at Risk
- securityonline.info: Xerox Versalink Printers Vulnerable to Pass-Back Attacks, Credentials at Risk
- Talkback Resources: New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials [exp] [net]
- securityboulevard.com: Flaws in Xerox VersaLink MFPs Spotlight Printer Security Concerns
- heise online English: Xerox Versalink: Multifunction printers reveal access data Vulnerabilities have been discovered in Xerox Versalink multifunction printers that could allow attackers to steal access data.
- Security Boulevard: Flaws in Xerox VersaLink MFPs Spotlight Printer Security Concerns
- Talkback Resources: Xerox Versalink Printer Vulnerabilities Enable Lateral Movement
- Talkback Resources: Xerox Printer Vulnerabilities Enable Credential Capture
Classification:
- HashTags: #PrinterSecurity #LDAP #SMB
- Company: Xerox
- Target: Windows Active Directory
- Product: VersaLink C7025
- Feature: Pass-back attacks
- Malware: CVE-2024-12510, CVE-2024-12511
- Type: Vulnerability
- Severity: Major