CVE-2019-13169
https://notcve.org/view.php?id=CVE-2019-13169
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device. Algunas impresoras Xerox (tal y como la Phaser 3320 versión V53.006.16.000), fueron afectadas por una vulnerabilidad de desbordamiento de búfer en el Encabezado Content-Type HTTP de la aplicación web que permitiría a un atacante ejecutar código arbitrario en el dispositivo. • https://security.business.xerox.com https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2019-13170
https://notcve.org/view.php?id=CVE-2019-13170
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device. Algunas impresoras Xerox (tal y como la Phaser 3320 versión V53.006.16.000), no implementaron ningún mecanismo para evitar ataques de tipo CSRF. Una explotación con éxito de esta vulnerabilidad puede conllevar a la toma de control de una cuenta local en el dispositivo. • https://security.business.xerox.com https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2019-13171
https://notcve.org/view.php?id=CVE-2019-13171
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly. Algunas impresoras Xerox (tal y como la Phaser 3320 versión V53.006.16.000), fueron afectadas por una o más vulnerabilidades de desbordamiento de búfer en la región stack de la memoria en la implementación de Google Cloud Print que permitiría a un atacante no autenticado ejecutar código arbitrario en el dispositivo. Esto fue causado por un manejo no seguro del parámetro register, porque el tamaño usado dentro de una función memcpy(), que copió el valor de la acción en una variable local, no fue comprobado apropiadamente. • https://security.business.xerox.com https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers • CWE-787: Out-of-bounds Write •
CVE-2019-13172
https://notcve.org/view.php?id=CVE-2019-13172
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device. Algunas impresoras Xerox (tal y como la Phaser 3320 versión V53.006.16.000), fueron afectadas por una vulnerabilidad de desbordamiento de búfer en la Cookie de Autenticación de la aplicación web que permitiría a un atacante ejecutar código arbitrario en el dispositivo. • https://security.business.xerox.com https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2020-9330
https://notcve.org/view.php?id=CVE-2020-9330
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. • https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers • CWE-306: Missing Authentication for Critical Function •