Recent security vulnerabilities in Xerox VersaLink C7025 Multifunction printers are raising alarms. These flaws, affecting firmware versions 57.69.91 and earlier, allow attackers to execute pass-back attacks via LDAP and SMB/FTP services, potentially capturing sensitive authentication credentials. With these acquired credentials, malicious actors can infiltrate Windows Active Directory systems, compromising essential servers and file systems. Successful exploitation hinges on specific requirements, including access to MFP settings and the correct configuration of scanning functions, prompting manufacturers to release a patch to address these vulnerabilities.
Security vulnerabilities in Xerox VersaLink printers allow attackers to capture authentication credentials via pass-back attacks using LDAP and SMB/FTP services.
Collection
[
|
...
]