First published: Thu Mar 04 2021(Updated: )
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a compromised private key.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xerox Altalink B8045 Firmware | <101.008.099.28200 | |
Xerox AltaLink B8045 | ||
Xerox Altalink B8055 Firmware | <101.008.099.28200 | |
Xerox Altalink B8055 | ||
Xerox Altalink B8065 Firmware | <101.008.099.28200 | |
Xerox Altalink B8065 | ||
Xerox Altalink B8075 Firmware | <101.008.099.28200 | |
Xerox Altalink B8075 | ||
Xerox Altalink B8090 Firmware | <101.008.099.28200 | |
Xerox Altalink B8090 | ||
Xerox Altalink C8030 Firmware | <101.001.099.28200 | |
Xerox Altalink C8030 | ||
Xerox Altalink C8035 Firmware | <101.001.099.28200 | |
Xerox AltaLink C8035 | ||
Xerox Altalink C8045 Firmware | <101.002.099.28200 | |
Xerox Altalink C8045 | ||
Xerox Altalink C8055 Firmware | <101.002.099.28200 | |
Xerox Altalink C8055 | ||
Xerox Altalink C8070 Firmware | <101.003.099.28200 | |
Xerox Altalink C8070 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Xerox printer vulnerability is CVE-2019-18629.
The severity of CVE-2019-18629 is high with a CVSS score of 8.1.
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers are affected by CVE-2019-18629.
An attacker can exploit CVE-2019-18629 by executing an unwanted binary during an exploited clone install on the affected Xerox printers.
You can find more information about CVE-2019-18629 in the Xerox security bulletin at https://securitydocs.business.xerox.com/wp-content/uploads/2021/03/cert_Security_Mini_Bulletin_XRX19AI_for_ALB80xx-C80xx_v1.1.pdf.