Multiple Xerox printer models have been found to have a severe security vulnerability, which allows attackers with administrative access to completely take control of the devices.
According to SEC Consult, the high-severity flaw tracked as CVE-2024-6333 affects various printer lines, including EC80xx, AltaLink, VersaLink, and WorkCentre series.
The security flaw enables authenticated attackers to execute arbitrary commands with root privileges on the printer’s operating system through the device’s web interface.
This remote code execution (RCE) vulnerability exists in the “Network Troubleshooting” menu, where administrators can configure network troubleshooting settings using the tcpdump tool....more here