Summary: Security vulnerabilities in Xerox VersaLink C7025 Multifunction printers allow attackers to capture authentication credentials through pass-back attacks via LDAP and SMB/FTP services. These vulnerabilities could lead to lateral movement within an organizationโs network, compromising critical Windows servers and file systems. Responsible disclosures have prompted patching measures, but immediate actions are advised for users unable to update their systems promptly.
Affected: Xerox VersaLink C7025 Multifunction Printers
Keypoints :
- Vulnerabilities allow attackers to redirect authentication information to rogue servers, potentially exposing credentials.
- CVE-2024-12511 permits attackers to modify SMB/FTP server configurations to capture credentials during file scans.
- Immediate mitigation steps include setting complex admin passwords and disabling remote-control console access for unauthenticated users.
Source: https://thehackernews.com/2025/02/new-xerox-printer-flaws-could-let.html