Critical Vulnerability in Xerox Printers (CVE-2024-6333) - Immediate Update Required

Security Bulletin

Critical Vulnerability in Xerox Printers (CVE-2024-6333) – Immediate Update Required

Home » Security Bulletins » Critical Vulnerability in Xerox Printers (CVE-2024-6333) – Immediate Update Required

October 28, 2024

What You Need to Know:

A critical security vulnerability has been discovered in multiple Xerox printer models, including the AltaLink, VersaLink, and WorkCentre series. This vulnerability, tracked as CVE-2024-6333, allows attackers to remotely control affected printers with full system privileges, enabling unauthorized access and control.

What Is the Risk?

If an attacker exploits this flaw, they could remotely execute commands on the printer’s operating system, gaining administrative-level access. This could allow them to:

Monitor or alter data passing through the printer.
Use the printer as a launching point to compromise other systems on your network..
Establish persistent access for future attacks.

How It Works:

The vulnerability exists in the “Network Troubleshooting” feature found on certain Xerox printers. Attackers with admin access can misuse this feature by inserting harmful commands into the printer’s operating system by exploiting a flaw in the IPv4 address field. This flaw lets them use the tcpdump tool in a way that gives them unauthorized control over the printer, leading to what’s known as “remote code execution.”

What Should You Do?

1. Check Your Model: This vulnerability affects several Xerox printer lines, including:

AltaLink B8045/B8055/B8065/B8075/B8090 series
AltaLink C8030/C8035/C8045/C8055/C8070 series
Various VersaLink and WorkCentre models

2. Apply Xerox Updates: Xerox has issued a security update to fix this vulnerability. Ensure you install the update from Xerox Security Bulletin XRX24-015 to protect your device.

3. Review Past Updates: Ensure that previous security patches, especially those in Xerox Bulletin XRX23-020, are applied.

What Additional Best Practices Should Be Implemented?

In addition to updating, consider implementing these best practices:

Secure Admin Access: Ensure default admin access credentials have been changed.
Limit Admin Access: Restrict who has administrative access to your networked printers.
Monitor Printer Activity: Look for unusual activities on your printers, especially concerning network troubleshooting features.
Network Segmentation: Separate printers from other critical devices on your network to contain any potential threats.

Stay Informed:

Understanding vulnerabilities in commonly used devices like printers is essential for staying secure. Regularly check for security updates and best practices from your device manufacturers to reduce risks. This bulletin is intended to help you stay informed of the latest cyber threats and how to protect yourself. If you need any assistance with updates or have questions, please reach out to our support team.

For those who would like more detailed information regarding this bulletin, please visit the following links:

https://security.business.xerox.com/xerox-security-bulletin-xrx24-015-for-altalink-versalink-and-workcentre-cve-2024-6333/

This bulletin is intended to keep you informed about the latest cyber threats, cybersecurity news, and how to protect yourself. If you have any questions or need further assistance, please contact our support team.

Planning for IT Expansion: Budgeting for the Future of Your SMB

Mastering IT Budgeting: A Smarter Approach for Small and Mid-Sized Businesses

Understanding Backup Management: Why Your Business Needs a Solid Backup Strategy

How to Ensure Your Business is Ready for the Next Technological Disruption

Backup Management: Safeguarding Your Business – Why It’s More Critical Than Ever

Security Bulletin