2025-02-22 02:07:05 Pacfic
Xerox Printer Flaws Expose Active Directory Credentials - 3d
Security vulnerabilities have been discovered in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials. The flaw, discovered by Rapid7 researcher Deral Heiland, enables malicious actors to intercept Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) authentication data through pass-back attacks. The vulnerabilities, tracked as CVE-2024-12510 and CVE-2024-12511, threaten organizations relying on these devices for printing, scanning, and document management.
Xerox has released firmware updates addressing these issues, urging customers to install patches immediately. Rapid7 recommends additional safeguards: restrict admin access to MFPs, disable unnecessary services like FTP, and implement network segmentation to isolate printers from critical AD infrastructure. The vulnerabilities underscore the risks of treating IoT devices as perimeter appliances rather than core network assets.
ImgSrc: securityaffairs.com
References:
- GBHackers Security | #1 Globally Trusted Cyber Security News Platform - Critical security vulnerability in Xerox Versalink C7025 MFPs enables attackers to intercept authentication data via pass-back attacks via LDAP and SMB/FTP services. - 3d
- Security Archives - Security Affairs - Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers - 3d
- The Hacker News - Xerox printers have multiple vulnerabilities that could enable attackers to gain access to authentication credentials from LDAP and SMB services, potentially affecting enterprise networks. - 3d
- gbhackers.com - Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB - 3d
- Talkback Resources - Xerox Versalink Printer Vulnerabilities Enable Lateral Movement [exp] [net] - 3d
- SCM feed for Security Strategy, Plan, Budget - Authentication credential compromise likely with Xerox VersaLink printer flaws - 3d
- Vulnerability Archives ? Cybersecurity News - Xerox Versalink Printers Vulnerable to Pass-Back Attacks, Credentials at Risk - 2d
- securityonline.info - Xerox Versalink Printers Vulnerable to Pass-Back Attacks, Credentials at Risk - 2d
- Talkback Resources - New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials [exp] [net] - 2d
- securityboulevard.com - Flaws in Xerox VersaLink MFPs Spotlight Printer Security Concerns - 2d
- @heiseonlineenglish - Xerox Versalink: Multifunction printers reveal access data Vulnerabilities have been discovered in Xerox Versalink multifunction printers that could allow attackers to steal access data. - 2d
- Security Boulevard - Flaws in Xerox VersaLink MFPs Spotlight Printer Security Concerns - 2d
- Talkback Resources - Xerox Versalink Printer Vulnerabilities Enable Lateral Movement - 2d
- Talkback Resources - Xerox Printer Vulnerabilities Enable Credential Capture - 1d
Classification:
- HashTags: PrinterSecurity LDAP SMB
- Company: Xerox
- Target: Windows Active Directory
- Product: VersaLink C7025
- Feature: Pass-back attacks
- Type: Vulnerability
- Severity: Major