First published: Fri Mar 13 2020(Updated: )
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xerox Phaser 3320 Firmware | =v53.006.16.000 | |
Xerox Phaser 3320 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Xerox Phaser 3320 Firmware v53.006.16.000 is affected.
CVE-2019-13171 is a stack-based buffer overflow vulnerability in the Google Cloud Print implementation on certain Xerox printers.
The severity of CVE-2019-13171 is rated as critical with a severity value of 9.8 out of 10.
An unauthenticated attacker can exploit CVE-2019-13171 to execute arbitrary code on the vulnerable Xerox printers.
More information about CVE-2019-13171 can be found on the Xerox Security website and the NCC Group Technical Advisory.