Vulnerabilities > CVE-2019-13171 - Out-of-bounds Write vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

xerox

CWE-787

critical

NVD

Published: 2020-03-13

Updated: 2020-03-18

Summary

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly.

Vulnerable Configurations

Part	Description	Count
OS	Xerox Xerox Phaser 3320 Firmware V53.006.16.000	1
Hardware	Xerox Xerox Phaser 3320 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References