CVE-2020-9330
- Severity Score: -
- Exploit Likelihood: -
- Public Exploits: 1
- Exploited in Wild: -

Description
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836**, and EC7856** devices.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2020-02-21 CVE Reserved
- 2020-02-21 CVE Published
- 2023-06-26 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-306: Missing Authentication for Critical Function
CAPEC
References (2)
URL | Date | Source
---|---|---
https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers | 2024-08-04 | 
https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf | 2021-07-21 | 
Affected Vendors, Products, and Versions
Vendor | Product | Version | Status | Running on (Vendor / Product) | Platform Status
---|---|---|---|---|---
Xerox | Workcentre 3655 Firmware | < 073.060.000.02300 | Affected | Xerox / Workcentre 3655 | Safe
Xerox | Workcentre 3655i Firmware | < 073.060.000.02300 | Affected | Xerox / Workcentre 3655i | Safe
Xerox | Workcentre 5845 Firmware | < 073.190.000.02300 | Affected | Xerox / Workcentre 5845 | Safe
Xerox | Workcentre 5855 Firmware | < 073.190.000.02300 | Affected | Xerox / Workcentre 5855 | Safe
Xerox | Workcentre 5945 Firmware | < 073.091.000.02300 | Affected | Xerox / Workcentre 5945 | Safe
Xerox | Workcentre 5955 Firmware | < 073.091.000.02300 | Affected | Xerox / Workcentre 5955 | Safe
Xerox | Workcentre 6655 Firmware | < 073.110.000.02300 | Affected | Xerox / Workcentre 6655 | Safe
Xerox | Workcentre 6655i Firmware | < 073.110.000.02300 | Affected | Xerox / Workcentre 6655i | Safe
Xerox | Workcentre 7220 Firmware | < 073.030.000.02300 | Affected | Xerox / Workcentre 7220 | Safe
Xerox | Workcentre 7225 Firmware | < 073.030.000.02300 | Affected | Xerox / Workcentre 7225 | Safe
Xerox | Workcentre 7830 Firmware | < 073.010.000.02300 | Affected | Xerox / Workcentre 7830 | Safe
Xerox | Workcentre 7835 Firmware | < 073.010.000.02300 | Affected | Xerox / Workcentre 7835 | Safe
Xerox | Workcentre 7845 Firmware | < 073.010.000.02300 | Affected | Xerox / Workcentre 7845 | Safe
Xerox | Workcentre 7855 Firmware | < 073.010.000.02300 | Affected | Xerox / Workcentre 7855 | Safe
Xerox | Workcentre 7970 Firmware | < 073.200.000.02300 | Affected | Xerox / Workcentre 7970 | Safe
Xerox | Workcentre 7970i Firmware | < 073.200.000.02300 | Affected | Xerox / Workcentre 7970i | Safe
Xerox | Workcentre Ec7836 Firmware | < 073.050.000.02300 | Affected | Xerox / Workcentre Ec7836 | Safe
Xerox | Workcentre Ec7856 Firmware | < 073.020.000.02300 | Affected | Xerox / Workcentre Ec7856 | Safe