CVE-2024-6333 Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products

🗓️ 17 Oct 2024 13:51:16Reported by XeroxType

Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Product

Reporter	Title	Published	Views	Family All 10
0day.today	Xerox Printers Authenticated Remote Code Execution Vulnerability	30 Oct 202400:00	–	zdt
BDU FSTEC	The vulnerability of microprogrammed multifunctional devices (MFUs) such as Xerox Altalink, Versalink, and WorkCentre lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows a perpetrator to execute arbitrary code.	30 Oct 202400:00	–	bdu_fstec
Circl	CVE-2024-6333	17 Oct 202416:38	–	circl
CNNVD	Xerox多款产品安全漏洞	17 Oct 202400:00	–	cnnvd
CVE	CVE-2024-6333	17 Oct 202413:51	–	cve
EUVD	EUVD-2024-47447	3 Oct 202520:07	–	euvd
NVD	CVE-2024-6333	17 Oct 202414:15	–	nvd
Packet Storm	Xerox Printers Authenticated Remote Code Execution	29 Oct 202400:00	–	packetstorm
Positive Technologies	PT-2023-9607 · Xerox · Xerox Altalink +2	14 Dec 202300:00	–	ptsecurity
Vulnrichment	CVE-2024-6333 Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products	17 Oct 202413:51	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "AltaLink® B8045 / B8055 / B8065 / B8075 / B8090 | C8030 / C8035 / C8045 / C8055 / C807",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "103.xxx.024.18600",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Xerox® EC8036 / EC8056",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "103.xxx.024.18600"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Xerox® EC8036 / EC8056 - Common Criteria (June 2022)",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "103.023.031.35105"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Xerox® EC8036 / EC8056 - Common Criteria (June 2024)",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "103.xxx.013.14115"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AltaLink®C8130 / C8135 / C8145 / C8155 / C8170 | B8145 / B8155 / B8170 Common Criteria (Aug 2024)",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "119.xxx.023.13006"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AltaLink® C8130 / C8135 / C8145 / C8155 / C8170 | B8145 / B8155 / B8170 Common Criteria Certified (Aug 2023)",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "111.xxx.003.11600"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VersaLink® B625 / C625 | B425 / C425 Common Criteria Certified (2024)",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "119.xxx.003.11705"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 3655/3655i",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.060.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 5945/55i",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.091.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 6655/6655i",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.110.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 7220/7225i",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.030.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 7830/7835i",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.010 004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 7845/7855i",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.040.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 7845/7855 (IBG)",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.080.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre 7970/7970i",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.200.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre EC7836",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.050.004.07810"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WorkCentre EC7856",
    "vendor": "Xerox",
    "versions": [
      {
        "status": "affected",
        "version": "075.020.004.07810"
      }
    ]
  }
]

Source	Link
securitydocs	www.securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-015-for-Altalink-Versalink-and-WorkCentre-%E2%80%93-CVE-2024-6333-.pdf

17 Sep 2025 16:52Current

CVSS 3.17.2

EPSS0.01214