Xerox VULNs 2025
Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB By Guru Baran - February 17, 2025 Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB Multiple vulnerabilities in enterprise-grade Xerox Versalink C7025 multifunction printers (MFPs) enable attackers to intercept authentication credentials from Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) services. Designated as CVE-2024-12510 and CVE-2024-12511, these flaws allow malicious actors to execute “pass-back attacks” – a technique that redirects device authentication attempts to attacker-controlled systems. The vulnerabilities, discovered by Rapid7 Principal IoT Researcher Deral Heiland, affect firmware versions 57.69.91 and earlier on Xerox’s widely deployed enterprise printers. LDAP Pass-Back Exploitation (CVE-2024-12510) The LDAP vulnerability enables attackers with administrative access to the printer’s web...