CVE-2024-12511

high

Description

With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access.

References

References
More

https://www.darkreading.com/iot/xerox-printer-vulnerabilities-credential-capture

https://thehackernews.com/2025/02/new-xerox-printer-flaws-could-let.html

https://www.securityweek.com/xerox-versalink-printer-vulnerabilities-enable-lateral-movement/

https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf

Details

Source: Mitre, NVD

Published: 2025-02-03

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.6

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L