Cyber Posture

CVE-2024-12511

High

Published: 03 February 2025

Modified: 15 April 2026
KEV Added:
Patch:
CVSS Score: 7.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)
EPSS Score: 0.0022 (44.4th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access.

Security Summary

CVE-2024-12511 affects Xerox VersaLink, Phaser, and WorkCentre printers. The vulnerability enables modification of SMB/FTP settings when an attacker has address book access, potentially redirecting scan jobs and capturing credentials. Exploitation requires enabled scan functions and printer access. It carries a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L) and maps to CWE-306 (Missing Authentication for Critical Function) and CWE-522 (Insufficiently Protected Credentials).

A low-privileged network attacker (PR:L) with address book access can exploit this vulnerability with low complexity and no user interaction. They can alter SMB/FTP configurations to redirect scans to a malicious server, achieving high confidentiality impact by capturing credentials, along with low integrity and availability impacts through setting modifications.

Xerox Security Bulletin XRX25-003, available at https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf, details mitigations and patches for the affected VersaLink, Phaser, and WorkCentre devices.

Details

CWE(s)
CWE-306 (Missing Authentication for Critical Function), CWE-522 (Insufficiently Protected Credentials)
