1.0 Introduction
Recently a set of security vulnerabilities has been identified in Xerox VersaLink Multifunction Printers (MFPs) that could allow attackers to capture Windows Active Directory credentials.
2.0 Impact
These vulnerabilities exploit pass-back attacks through Lightweight Directory Access Protocol (LDAP)
(CVE-2024-12510)
and SMB/FTP services
(CVE-2024-12511)
. If successfully exploited, attackers could leverage compromised credentials to move laterally within an organization's network, potentially compromising critical Windows servers and file system.
3.0 Affected Products
Firmware version 57.69.91 and earlier for:
- VersaLink C7020
- VersaLink C7025
- VersaLink C7030
4.0 Recommendations
CyberSecurity Malaysia urges users and organisations to review the
Xerox Security Bulletin
, follow the Mitigation steps and apply the necessary updates.
Kindly refer to the URL for more information:
Generally, Cyber999 advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact Cyber999 through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17.30 MYT
Web:
https://www.mycert.org.my
5.0 References