CVE-2024-12511
7.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Summary
With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Xerox | Versalink B400 | 0 < 37.82.53 | affected |
| Xerox | Versalink B405 | 0 < 38.82.53 | affected |
| Xerox | Versalink C400 | 0 < 67.82.53 | affected |
| Xerox | Versalink C405 | 0 < 68.82.53 | affected |
| Xerox | Versalink B600/B610 | 0 < 32.82.53 | affected |
| Xerox | Versalink B605/B615 | 0 < 33.82.53 | affected |
| Xerox | Versalink C500/C600 | 0 < 61.82.53 | affected |
| Xerox | Versalink C505/C605 | 0 < 62.82.53 | affected |
| Xerox | Versalink C7000 | 0 < 56.75.53 | affected |
| Xerox | Versalink C7020/C7025/C7030 | 0 < 57.75.53 | affected |
| Xerox | Versalink B7025/B7030/B7035 | 0 < 58.75.53 | affected |
| Xerox | Versalink B7125/B7130/B7135 | 0 < 59.24.53 | affected |
| Xerox | Versalink C7120/C7125/C7130 | 0 < 69.24.53 | affected |
| Xerox | Versalink C8000/C9000 | 0 < 70.75.53 | affected |
| Xerox | Versalink C8000W | 0 < 72.75.53 | affected |
| Xerox | Phaser 6510 | 0 < 64.75.53 | affected |
| Xerox | WorkCentre 6515 | 0 < 65.75.53 | affected |
Weaknesses
- CWE-306: CWE-306 Missing Authentication for Critical Function
- CWE-522: CWE-522 Insufficiently Protected Credentials
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.