CVE-2022-23968
First published: Wed Jan 26 2022(Updated: )
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as soon as the boot process finishes. However, this boot loop can be resolved by a field technician. The TIFF file must have an incomplete Image Directory. Affected firmware versions include xx.42.01 and xx.50.61. NOTE: the 2022-01-24 NeoSmart article included "believed to affect all previous and later versions as of the date of this posting" but a 2022-01-26 vendor statement reports "the latest versions of firmware are not vulnerable to this issue."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xerox Versalink Firmware | <=42.01 | |
| Xerox Versalink Firmware | >=50.00<=50.61 | |
| Xerox Versalink B400 | ||
| Xerox Versalink B405 | ||
| Xerox Versalink B600 | ||
| Xerox Versalink B610 | ||
| Xerox Versalink B7025 | ||
| Xerox Versalink B7030 | ||
| Xerox Versalink B7035 | ||
| Xerox Versalink C400 | ||
| Xerox Versalink C405 | ||
| Xerox Versalink C500 | ||
| Xerox Versalink C505 | ||
| Xerox Versalink C600 | ||
| Xerox Versalink C605 | ||
| Xerox Versalink C7000 | ||
| Xerox Versalink C7020 | ||
| Xerox Versalink C7025 | ||
| Xerox Versalink C7030 | ||
| Xerox Versalink C8000 | ||
| Xerox Versalink C8000w | ||
| Xerox Versalink C9000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-23968?
CVE-2022-23968 is a vulnerability that allows remote attackers to brick Xerox VersaLink devices via a crafted TIFF file in an unauthenticated HTTP POST request, causing a permanent denial of service.
Which devices are affected by CVE-2022-23968?
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 are affected by CVE-2022-23968.
How severe is CVE-2022-23968?
CVE-2022-23968 has a severity score of 7.5 (High).
How can I fix CVE-2022-23968?
To fix CVE-2022-23968, update the firmware of your Xerox VersaLink device to version 2022-01-26 or later.
Where can I find more information about CVE-2022-23968?
You can find more information about CVE-2022-23968 at the following references: [Reference 1](https://neosmart.net/blog/2022/xerox-vulnerability-allows-unauthenticated-network-users-to-remotely-brick-printers/), [Reference 2](https://twitter.com/mqudsi/status/1485756915187695618)
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/tags
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/xerox
- canonical/xerox versalink firmware
- version/xerox versalink firmware/42.01
- version/xerox versalink firmware/50.00
- version/xerox versalink firmware/50.61
- canonical/xerox versalink b400
- canonical/xerox versalink b405
- canonical/xerox versalink b600
- canonical/xerox versalink b610
- canonical/xerox versalink b7025
- canonical/xerox versalink b7030
- canonical/xerox versalink b7035
- canonical/xerox versalink c400
- canonical/xerox versalink c405
- canonical/xerox versalink c500
- canonical/xerox versalink c505
- canonical/xerox versalink c600
- canonical/xerox versalink c605
- canonical/xerox versalink c7000
- canonical/xerox versalink c7020
- canonical/xerox versalink c7025
- canonical/xerox versalink c7030
- canonical/xerox versalink c8000
- canonical/xerox versalink c8000w
- canonical/xerox versalink c9000