8.1
Advisory Published
Updated

CVE-2019-18629

First published: Thu Mar 04 2021(Updated: )

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a compromised private key.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Xerox Altalink B8045 Firmware<101.008.099.28200
Xerox AltaLink B8045
Xerox Altalink B8055 Firmware<101.008.099.28200
Xerox Altalink B8055
Xerox Altalink B8065 Firmware<101.008.099.28200
Xerox Altalink B8065
Xerox Altalink B8075 Firmware<101.008.099.28200
Xerox Altalink B8075
Xerox Altalink B8090 Firmware<101.008.099.28200
Xerox Altalink B8090
Xerox Altalink C8030 Firmware<101.001.099.28200
Xerox Altalink C8030
Xerox Altalink C8035 Firmware<101.001.099.28200
Xerox AltaLink C8035
Xerox Altalink C8045 Firmware<101.002.099.28200
Xerox Altalink C8045
Xerox Altalink C8055 Firmware<101.002.099.28200
Xerox Altalink C8055
Xerox Altalink C8070 Firmware<101.003.099.28200
Xerox Altalink C8070

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the vulnerability ID for this Xerox printer vulnerability?

    The vulnerability ID for this Xerox printer vulnerability is CVE-2019-18629.

  • What is the severity of CVE-2019-18629?

    The severity of CVE-2019-18629 is high with a CVSS score of 8.1.

  • Which Xerox printer models are affected by CVE-2019-18629?

    Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers are affected by CVE-2019-18629.

  • How can an attacker exploit CVE-2019-18629?

    An attacker can exploit CVE-2019-18629 by executing an unwanted binary during an exploited clone install on the affected Xerox printers.

  • Where can I find more information about CVE-2019-18629?

    You can find more information about CVE-2019-18629 in the Xerox security bulletin at https://securitydocs.business.xerox.com/wp-content/uploads/2021/03/cert_Security_Mini_Bulletin_XRX19AI_for_ALB80xx-C80xx_v1.1.pdf.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203