CVE-2020-9330

Name of the Vulnerable Software and Affected Versions Xerox WorkCentre printers versions prior to 073.xxx.000.02300 Xerox WorkCentre 3655* versions prior to 073.xxx.000.02300 Xerox WorkCentre 3655i* versions prior to 073.xxx.000.02300 Xerox WorkCentre 58XX* versions prior to 073.xxx.000.02300 Xerox WorkCentre 58XXi* versions prior to 073.xxx.000.02300 Xerox WorkCentre 59XX* versions prior to 073.xxx.000.02300 Xerox WorkCentre 59XXi* versions prior to 073.xxx.000.02300 Xerox WorkCentre 6655** versions prior to 073.xxx.000.02300 Xerox WorkCentre 6655i** versions prior to 073.xxx.000.02300 Xerox WorkCentre 72XX* versions prior to 073.xxx.000.02300 Xerox WorkCentre 72XXi* versions prior to 073.xxx.000.02300 Xerox WorkCentre 78XX** versions prior to 073.xxx.000.02300 Xerox WorkCentre 78XXi** versions prior to 073.xxx.000.02300 Xerox WorkCentre 7970** versions prior to 073.xxx.000.02300 Xerox WorkCentre 7970i** versions prior to 073.xxx.000.02300 Xerox WorkCentre EC7836** versions prior to 073.xxx.000.02300 Xerox WorkCentre EC7856** versions prior to 073.xxx.000.02300

Description The issue allows a malicious actor who gains access to affected devices to change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain.

Recommendations For Xerox WorkCentre printers versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 3655* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 3655i* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 58XX* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 58XXi* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 59XX* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 59XXi* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 6655** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 6655i** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 72XX* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 72XXi* versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 78XX** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 78XXi** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 7970** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre 7970i** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre EC7836** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue. For Xerox WorkCentre EC7856** versions prior to 073.xxx.000.02300, update to a version 073.xxx.000.02300 or later to resolve the issue.