CVE-2024-6333
7.2
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Xerox | AltaLink® B8045 / B8055 / B8065 / B8075 / B8090 | C8030 / C8035 / C8045 / C8055 / C807 | 103.xxx.024.18600 |
| Xerox | Xerox® EC8036 / EC8056 | 103.xxx.024.18600 | affected |
| Xerox | Xerox® EC8036 / EC8056 - Common Criteria (June 2022) | 103.023.031.35105 | affected |
| Xerox | Xerox® EC8036 / EC8056 - Common Criteria (June 2024) | 103.xxx.013.14115 | affected |
| Xerox | AltaLink®C8130 / C8135 / C8145 / C8155 / C8170 | B8145 / B8155 / B8170 Common Criteria (Aug 2024) | 119.xxx.023.13006 |
| Xerox | AltaLink® C8130 / C8135 / C8145 / C8155 / C8170 | B8145 / B8155 / B8170 Common Criteria Certified (Aug 2023) | 111.xxx.003.11600 |
| Xerox | VersaLink® B625 / C625 | B425 / C425 Common Criteria Certified (2024) | 119.xxx.003.11705 |
| Xerox | WorkCentre 3655/3655i | 075.060.004.07810 | affected |
| Xerox | WorkCentre 5945/55i | 075.091.004.07810 | affected |
| Xerox | WorkCentre 6655/6655i | 075.110.004.07810 | affected |
| Xerox | WorkCentre 7220/7225i | 075.030.004.07810 | affected |
| Xerox | WorkCentre 7830/7835i | 075.010 004.07810 | affected |
| Xerox | WorkCentre 7845/7855i | 075.040.004.07810 | affected |
| Xerox | WorkCentre 7845/7855 (IBG) | 075.080.004.07810 | affected |
| Xerox | WorkCentre 7970/7970i | 075.200.004.07810 | affected |
| Xerox | WorkCentre EC7836 | 075.050.004.07810 | affected |
| Xerox | WorkCentre EC7856 | 075.020.004.07810 | affected |
Weaknesses
- CWE-78: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
- CWE-77: CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.