Are Your Xerox VersaLink Printers Leaving Your Network Vulnerable?

Apr 9, 2025
News Brief

Vulnerabilities CVE-2024-12510 and CVE-2024-12511 have been discovered in Xerox VersaLink multifunction printers. Identified by Rapid7, these flaws allow attackers to retrieve authentication credentials via pass-back attacks on the LDAP and SMB/FTP services. An attacker with access to the printer's admin interface could capture LDAP credentials by pointing the configured LDAP server address at a host they control and listening on that port for the credentials the printer sends during its next LDAP lookup.

Attackers could also exploit these flaws by altering the user address book configuration to capture SMB or FTP credentials. Changing the SMB or FTP server address in an address book entry to an attacker-controlled server could lead to the capture of NetNTLMv2 handshakes or cleartext FTP credentials. Such compromised credentials could enable attackers to reach other important Windows servers and file shares within an organization.

Reported to Xerox in March of this year, these vulnerabilities prompted security updates released in January. Organizations should promptly update their firmware to version 57.75.53 to mitigate the risks. Using strong admin passwords, avoiding highly privileged Windows accounts for the printer's authentication settings, and disabling unauthenticated remote access to the printer console are further recommended steps.
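The following audit script is an added example written for this brief; it is not code from Rapid7, Xerox, or the printer's own management tooling. It turns the mitigation and detection points above into two checks a defender can run: a configuration review (firmware at or above 57.75.53, LDAP server and SMB/FTP address book destinations confined to trusted networks, no unauthenticated remote console, no privileged scan account) and a network-side check that flags any printer opening LDAP, LDAPS, SMB or FTP sessions to a host outside the allowlist, which is exactly the traffic a pass-back attack produces. The configuration dict, field names, flow records and all IP addresses are constructed for the example and do not reflect a real VersaLink export format.

```python
from ipaddress import ip_address, ip_network
from typing import Dict, Iterable, List

# Firmware build the brief names as the fixed version.
FIXED_FIRMWARE = "57.75.53"

# Destination ports on which the printer itself authenticates to a server,
# i.e. the services a pass-back attack redirects.
CREDENTIAL_PORTS = {389: "LDAP", 636: "LDAPS", 445: "SMB", 21: "FTP"}


def parse_version(version: str) -> tuple:
    """'57.75.53' -> (57, 75, 53); numeric compare avoids '57.8' > '57.75' string bugs."""
    return tuple(int(part) for part in version.strip().split("."))


def firmware_is_patched(version: str) -> bool:
    """True when the reported build is at or above the fixed build."""
    return parse_version(version) >= parse_version(FIXED_FIRMWARE)


def _is_trusted(host: str, trusted: List) -> bool:
    """A destination is trusted only if it is an IP inside an allowlisted network.
    Hostnames are treated as untrusted here; resolve them before auditing."""
    try:
        ip = ip_address(host)
    except ValueError:
        return False
    return any(ip in net for net in trusted)


def audit_config(cfg: Dict, trusted_servers: Iterable[str]) -> List[str]:
    """Return human-readable findings for one printer configuration snapshot (constructed schema)."""
    trusted = [ip_network(n) for n in trusted_servers]
    findings = []

    if not firmware_is_patched(cfg["firmware"]):
        findings.append(f"firmware {cfg['firmware']} is below {FIXED_FIRMWARE}")

    # LDAP pass-back: the directory server address points at a foreign host.
    if not _is_trusted(cfg["ldap_server"], trusted):
        findings.append(f"LDAP server {cfg['ldap_server']} is outside the trusted range")

    # SMB/FTP pass-back: an address-book destination points at a foreign host.
    for entry in cfg.get("address_book", []):
        if entry["protocol"] in ("smb", "ftp") and not _is_trusted(entry["host"], trusted):
            findings.append(
                f"address book entry '{entry['name']}' sends {entry['protocol'].upper()} "
                f"credentials to {entry['host']}"
            )

    # Hardening steps the brief recommends.
    if cfg.get("remote_console_unauthenticated"):
        findings.append("remote control panel is reachable without authentication")
    if cfg.get("scan_account_privileged"):
        findings.append("scan-to-file account holds elevated Windows privileges")
    return findings


def suspicious_flows(flows: Iterable[Dict], printer_ips: Iterable[str],
                     trusted_servers: Iterable[str]) -> List[Dict]:
    """Network-side check: printers opening LDAP/SMB/FTP sessions to hosts not on the allowlist."""
    trusted = [ip_network(n) for n in trusted_servers]
    printers = set(printer_ips)
    return [
        f for f in flows
        if f["src"] in printers
        and f["dport"] in CREDENTIAL_PORTS
        and not _is_trusted(f["dst"], trusted)
    ]


# --- constructed sample data (hypothetical names and TEST-NET addresses) ---
TRUSTED_SERVERS = ["10.0.0.0/24"]          # where the real DCs and file servers live
PRINTER_IPS = ["10.0.5.40", "10.0.5.41"]   # the printer VLAN hosts we audit

SAMPLE_CONFIG = {
    "device": "versalink-lobby",
    "firmware": "57.69.00",                # constructed older build
    "ldap_server": "203.0.113.10",         # outside the trusted range: pass-back indicator
    "address_book": [
        {"name": "scans-finance", "protocol": "smb", "host": "10.0.0.20"},
        {"name": "scans-hr", "protocol": "ftp", "host": "198.51.100.7"},
        {"name": "mail-bob", "protocol": "smtp", "host": "10.0.0.25"},
    ],
    "remote_console_unauthenticated": True,
    "scan_account_privileged": False,
}

SAMPLE_FLOWS = [
    {"src": "10.0.5.40", "dst": "10.0.0.5", "dport": 389},       # printer -> real DC: fine
    {"src": "10.0.5.40", "dst": "203.0.113.10", "dport": 389},   # printer -> foreign LDAP: flag
    {"src": "10.0.5.40", "dst": "10.0.0.20", "dport": 445},      # printer -> file server: fine
    {"src": "10.0.5.41", "dst": "198.51.100.7", "dport": 21},    # printer -> foreign FTP: flag
    {"src": "10.0.7.9", "dst": "203.0.113.10", "dport": 445},    # workstation, not a printer: ignored
    {"src": "10.0.5.40", "dst": "10.0.9.9", "dport": 443},       # not a credential port: ignored
]

if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG, TRUSTED_SERVERS):
        print("CONFIG:", finding)
    for flow in suspicious_flows(SAMPLE_FLOWS, PRINTER_IPS, TRUSTED_SERVERS):
        print("FLOW:", flow["src"], "->", flow["dst"], CREDENTIAL_PORTS[flow["dport"]])
```

In practice the configuration snapshot would come from whatever inventory or management export the fleet already produces, and the flow records from the firewall or NetFlow collector in front of the printer VLAN; the allowlist is the deliberately short set of directory and file servers a printer has any business authenticating to, so a single new destination on port 389, 445 or 21 is a high-signal event rather than noise.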

Addressing printer vulnerabilities is vital for preventing lateral movement within a network: a printer that hands its credentials to an attacker-controlled server gives that attacker a foothold on every system those credentials can reach. Keeping device firmware current and locking down configuration are the core protections against such attacks, and the disclosure underlines that proactive monitoring and timely patching must extend to printers, which are an often overlooked part of the attack surface.
