CWE
798 259
Advisory Published
Updated

CVE-2019-10881: Default hidden Privileged Account Vulnerability in multiple XEROX devices

First published: Tue Apr 13 2021(Updated: )

Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.

Credit: cert@airbus.com

Affected SoftwareAffected VersionHow to fix
Xerox Altalink B8045 Firmware<103.008.010.14010
Xerox AltaLink B8045
Xerox Altalink B8055 Firmware<103.008.010.14010
Xerox Altalink B8055
Xerox Altalink B8065 Firmware<103.008.010.14010
Xerox Altalink B8065
Xerox Altalink B8075 Firmware<103.008.010.14010
Xerox Altalink B8075
Xerox Altalink B8090 Firmware<103.008.010.14010
Xerox Altalink B8090
Xerox Altalink C8030 Firmware<103.001.010.14010
Xerox Altalink C8030
Xerox Altalink C8035 Firmware<103.001.010.14010
Xerox AltaLink C8035
Xerox Altalink C8045 Firmware<103.002.010.14010
Xerox Altalink C8045
Xerox Altalink C8055 Firmware<103.002.010.14010
Xerox Altalink C8055
Xerox Altalink C8070 Firmware<103.003.010.14010
Xerox Altalink C8070

Remedy

No fix available for now.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2019-10881?

    CVE-2019-10881 is a vulnerability in Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 that includes two accounts with weak hard-coded passwords, allowing unauthorized access.

  • How severe is CVE-2019-10881?

    CVE-2019-10881 is considered critical with a severity rating of 9.8.

  • What is the CWE ID for CVE-2019-10881?

    CVE-2019-10881 is associated with CWE IDs 798 and 259.

  • Are Xerox Altalink B8045/B8055/B8065/B8075/B8090 vulnerable to CVE-2019-10881?

    Yes, Xerox Altalink B8045/B8055/B8065/B8075/B8090 devices with software releases before 103.xxx.030.32000 are vulnerable to CVE-2019-10881.

  • How can I fix CVE-2019-10881?

    To fix CVE-2019-10881, update your Xerox AltaLink B8045/B8055/B8065/B8075/B8090 or AltaLink C8030/C8035/C8045/C8055/C8070 software to version 103.xxx.030.32000 or later.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203