Known Vulnerabilities for products from Xerox
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Xerox".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Xerox can be found at device.report : Xerox
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23968 | Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a c... | 7.5 - HIGH | 2022-01-26 | 2022-02-03 |
| CVE-2022-23321 | A persistent cross-site scripting (XSS) vulnerability exists on two input fields within the administrative panel when editing... | 4.8 - MEDIUM | 2022-02-10 | 2022-09-30 |
| CVE-2022-23320 | XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. Since the application ships ... | 7.5 - HIGH | 2022-02-07 | 2023-08-08 |
| CVE-2021-37354 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-02-15 | 2022-02-24 |
| CVE-2021-28673 | Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 6515 before 65.61.23 and 65.59.11 (Bridge), VersaLink B40... | 9.8 - CRITICAL | 2021-03-29 | 2021-04-05 |
| CVE-2021-28672 | Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B40... | 9.8 - CRITICAL | 2021-03-29 | 2021-04-05 |
| CVE-2021-28671 | Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B40... | 9.8 - CRITICAL | 2021-03-29 | 2021-04-05 |
| CVE-2021-28670 | Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 before 103.001.030.32000, C8045/C8055 before 103.002.030.320... | 9.1 - CRITICAL | 2021-03-29 | 2021-04-01 |
| CVE-2021-28669 | Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and... | 7.5 - HIGH | 2021-03-29 | 2021-04-01 |
| CVE-2021-28668 | Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and... | 9.8 - CRITICAL | 2021-03-29 | 2021-04-01 |
| CVE-2020-36201 | An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655... | 7.5 - HIGH | 2021-01-26 | 2021-07-21 |
| CVE-2020-26162 | Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages. | 6.1 - MEDIUM | 2020-10-09 | 2020-10-23 |
| CVE-2020-9330 | Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentia... | 8.8 - HIGH | 2020-02-21 | 2021-07-21 |
| CVE-2019-19832 | Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.... | 8.8 - HIGH | 2019-12-18 | 2019-12-23 |
| CVE-2019-18630 | On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releas... | 7.5 - HIGH | 2021-03-04 | 2021-07-21 |
| CVE-2019-18629 | Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases ... | 8.1 - HIGH | 2021-03-04 | 2021-03-11 |
| CVE-2019-18628 | Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases ... | 4.9 - MEDIUM | 2021-03-04 | 2021-03-05 |
| CVE-2019-17184 | Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 al... | 9.8 - CRITICAL | 2019-10-04 | 2020-08-24 |
| CVE-2019-13172 | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authenti... | 9.8 - CRITICAL | 2020-03-13 | 2020-03-18 |
| CVE-2019-13171 | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnera... | 9.8 - CRITICAL | 2020-03-13 | 2020-03-18 |
Known software with vulnerabilities from Xerox
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Xerox | Altalink C8035 Firmware | - |
| Operating System | Xerox | Atlalink | 101.001.089.22600 |
| Hardware | Xerox | Atlalink B8045 | - |
| Hardware | Xerox | Atlalink B8055 | - |
| Hardware | Xerox | Atlalink B8065 | - |
| Hardware | Xerox | Atlalink B8075 | - |
| Hardware | Xerox | Atlalink B8090 | - |
| Hardware | Xerox | Atlalink C8030 | - |
| Hardware | Xerox | Atlalink C8035 | - |
| Hardware | Xerox | Atlalink C8045 | - |
| Hardware | Xerox | Atlalink C8055 | - |
| Hardware | Xerox | Atlalink C8070 | - |
| Operating System | Xerox | Atlalink Firmware | 101.001.089.22600 |
| Hardware | Xerox | Colorqube 8570 | - |
| Hardware | Xerox | Colorqube 8700 | - |
| Operating System | Xerox | Colorqube 8700 Firmware | 072.161.009.07200 |
| Hardware | Xerox | Colorqube 8900 | - |
| Operating System | Xerox | Colorqube 8900 Firmware | 072.161.009.07200 |
| Hardware | Xerox | Colorqube 9201 | - |
| Hardware | Xerox | Colorqube 9203 | - |