CVE-2019-10960
Summary
| CVE | CVE-2019-10960 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-08-20 21:15:00 UTC |
| Updated | 2020-10-02 14:11:00 UTC |
| Description | Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options. If the option to use a passcode to limit the functionality of the front panel is applied, specially crafted packets could be sent over the same network to a port on the printer and the printer will respond with an array of information that includes the front panel passcode for the printer. Once the passcode is retrieved, an attacker must have physical access to the front panel of the printer to enter the passcode to access the full functionality of the front panel. |
Risk And Classification
Problem Types: CWE-522
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Zebra | 220xi4 | All | All | All | All |
| Hardware | Zebra | 220xi4 | All | All | All | All |
| Operating System | Zebra | 220xi4 Firmware | All | All | All | All |
| Operating System | Zebra | 220xi4 Firmware | All | All | All | All |
| Hardware | Zebra | Zt220 | All | All | All | All |
| Hardware | Zebra | Zt220 | All | All | All | All |
| Operating System | Zebra | Zt220 Firmware | All | All | All | All |
| Operating System | Zebra | Zt220 Firmware | All | All | All | All |
| Hardware | Zebra | Zt230 | All | All | All | All |
| Hardware | Zebra | Zt230 | All | All | All | All |
| Operating System | Zebra | Zt230 Firmware | All | All | All | All |
| Operating System | Zebra | Zt230 Firmware | All | All | All | All |
| Hardware | Zebra | Zt410 | All | All | All | All |
| Hardware | Zebra | Zt410 | All | All | All | All |
| Operating System | Zebra | Zt410 Firmware | All | All | All | All |
| Operating System | Zebra | Zt410 Firmware | All | All | All | All |
| Hardware | Zebra | Zt420 | All | All | All | All |
| Hardware | Zebra | Zt420 | All | All | All | All |
| Operating System | Zebra | Zt420 Firmware | All | All | All | All |
| Operating System | Zebra | Zt420 Firmware | All | All | All | All |
| Hardware | Zebra | Zt510 | All | All | All | All |
| Hardware | Zebra | Zt510 | All | All | All | All |
| Operating System | Zebra | Zt510 Firmware | All | All | All | All |
| Operating System | Zebra | Zt510 Firmware | All | All | All | All |
| Hardware | Zebra | Zt610 | All | All | All | All |
| Hardware | Zebra | Zt610 | All | All | All | All |
| Operating System | Zebra | Zt610 Firmware | All | All | All | All |
| Operating System | Zebra | Zt610 Firmware | All | All | All | All |
| Hardware | Zebra | Zt620 | All | All | All | All |
| Hardware | Zebra | Zt620 | All | All | All | All |
| Operating System | Zebra | Zt620 Firmware | All | All | All | All |
| Operating System | Zebra | Zt620 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Zebra Industrial Printers | CISA | MISC | www.us-cert.gov | Mitigation, Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.