CVE-2019-13171: Buffer Overflow
First published: Fri Mar 13 2020(Updated: )
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xerox Phaser 3320 Firmware | =v53.006.16.000 | |
| Xerox Phaser 3320 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
Which Xerox printers are affected by CVE-2019-13171?
Xerox Phaser 3320 Firmware v53.006.16.000 is affected.
What is CVE-2019-13171?
CVE-2019-13171 is a stack-based buffer overflow vulnerability in the Google Cloud Print implementation on certain Xerox printers.
What is the severity of CVE-2019-13171?
The severity of CVE-2019-13171 is rated as critical with a severity value of 9.8 out of 10.
How can an attacker exploit CVE-2019-13171?
An unauthenticated attacker can exploit CVE-2019-13171 to execute arbitrary code on the vulnerable Xerox printers.
Where can I find more information about CVE-2019-13171?
More information about CVE-2019-13171 can be found on the Xerox Security website and the NCC Group Technical Advisory.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/xerox
- canonical/xerox phaser 3320 firmware
- version/xerox phaser 3320 firmware/v53.006.16.000
- canonical/xerox phaser 3320