TROYANOSYVIRUS
Back to CVEs

CVE-2020-36201

HIGH
7.5

Description

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.

CVE Details

CVSS v3.1 Score7.5
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published1/26/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0

Affected Products

xerox:workcentre_3655xerox:workcentre_3655_firmwarexerox:workcentre_3655ixerox:workcentre_3655i_firmwarexerox:workcentre_5865xerox:workcentre_5865_firmwarexerox:workcentre_5865ixerox:workcentre_5865i_firmwarexerox:workcentre_5875xerox:workcentre_5875_firmwarexerox:workcentre_5875ixerox:workcentre_5875i_firmwarexerox:workcentre_5890xerox:workcentre_5890_firmwarexerox:workcentre_5890ixerox:workcentre_5890i_firmwarexerox:workcentre_5945xerox:workcentre_5945_firmwarexerox:workcentre_5945ixerox:workcentre_5945i_firmwarexerox:workcentre_5955xerox:workcentre_5955_firmwarexerox:workcentre_5955ixerox:workcentre_5955i_firmwarexerox:workcentre_6655xerox:workcentre_6655_firmwarexerox:workcentre_6655ixerox:workcentre_6655i_firmwarexerox:workcentre_7220xerox:workcentre_7220_firmwarexerox:workcentre_7220ixerox:workcentre_7220i_firmwarexerox:workcentre_7225xerox:workcentre_7225_firmwarexerox:workcentre_7225ixerox:workcentre_7225i_firmwarexerox:workcentre_7830xerox:workcentre_7830_firmwarexerox:workcentre_7830ixerox:workcentre_7830i_firmwarexerox:workcentre_7835xerox:workcentre_7835_firmwarexerox:workcentre_7835ixerox:workcentre_7835i_firmwarexerox:workcentre_7845xerox:workcentre_7845_firmwarexerox:workcentre_7845ixerox:workcentre_7845i_firmwarexerox:workcentre_7855xerox:workcentre_7855_firmwarexerox:workcentre_7855ixerox:workcentre_7855i_firmwarexerox:workcentre_7970xerox:workcentre_7970_firmwarexerox:workcentre_7970ixerox:workcentre_7970i_firmwarexerox:workcentre_ec7836xerox:workcentre_ec7836_firmwarexerox:workcentre_ec7856xerox:workcentre_ec7856_firmware

Weaknesses (CWE)

CWE-327

References

https://securitydocs.business.xerox.com/wp-content/uploads/2020/06/cert_Security_Mini_Bulletin_XRX20L_for_ConnectKey-1.pdf(cve@mitre.org)
https://securitydocs.business.xerox.com/wp-content/uploads/2020/06/cert_Security_Mini_Bulletin_XRX20L_for_ConnectKey-1.pdf(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.