Cyber Posture

CVE-2024-55926

Severity: High

Published: 23 January 2025

Modified: 28 February 2026
CVSS Score: 7.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)
EPSS Score: 0.0055 (68.0th percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

A vulnerability in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on the server through crafted header manipulation. By exploiting improper validation of headers, attackers can gain unauthorized access to data.

Security Summary

CVE-2024-55926 is a vulnerability in Xerox Workplace Suite that enables arbitrary file read, upload, and deletion on the server through crafted header manipulation. The issue stems from improper validation of headers, allowing attackers to gain unauthorized access to data. It is associated with CWE-22 (Path Traversal) and CWE-434 (Unrestricted Upload of File with Dangerous Type), and carries a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H), indicating high availability impact with low confidentiality and integrity effects.

An attacker with network access and a low-privileged account (AV:N, PR:L) can exploit this vulnerability without user interaction. By sending specially crafted headers, they can read sensitive files, upload malicious ones, or delete arbitrary server files, which can lead to data exfiltration, persistence on the host, or disruption of service on affected Xerox Workplace Suite instances. The file-deletion path is what drives the high availability rating; the read and upload paths account for the low confidentiality and integrity ratings.
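
The page describes the root cause only as improper header validation leading to path traversal (CWE-22) and unrestricted upload (CWE-434). The following Python is an added illustration of that class of defect and its fix, not Xerox code and not derived from the product: a header-supplied file name joined onto a base directory with no checks, the hardened resolver beside it, an upload variant with a suffix allowlist, and a request-header check useful for triaging logs. The header name X-File-Name, the base directory, the allowlist and the sample requests are all assumptions constructed for the example.

```python
"""Added example (not Xerox code): CWE-22 / CWE-434 through a header-supplied
file name. The header name, base directory, suffix allowlist and the sample
requests below are assumptions made for illustration."""
import posixpath
from pathlib import Path
from typing import Dict, List, Optional
from urllib.parse import unquote

FILE_HEADER = "X-File-Name"                 # assumed header name
ALLOWED_UPLOAD_SUFFIXES = {".pdf", ".png"}   # assumed allowlist for uploads
TRAVERSAL_MARKERS = ("../", "..\\", "/..", "\\..")

# Constructed sample requests; not captured from any product.
SAMPLE_REQUESTS = {
    "legit":        {"Host": "wps.example.internal", FILE_HEADER: "reports/q1.pdf"},
    "traversal":    {"Host": "wps.example.internal", FILE_HEADER: "../../../etc/passwd"},
    "encoded":      {"Host": "wps.example.internal", FILE_HEADER: "%2e%2e/%2e%2e/%2e%2e/etc/passwd"},
    "absolute":     {"Host": "wps.example.internal", FILE_HEADER: "/etc/shadow"},
    "upload_shell": {"Host": "wps.example.internal", FILE_HEADER: "cmd.aspx"},
}


def vulnerable_resolve(base_dir: str, headers: Dict[str, str]) -> str:
    """Joins the header value onto base_dir with no validation (CWE-22) and
    returns the effective path the server would open. posixpath.join drops
    base_dir entirely when the name is absolute; normpath shows where the
    '..' segments land."""
    name = headers.get(FILE_HEADER, "")
    return posixpath.normpath(posixpath.join(base_dir, name))


def decode_once(value: str) -> Optional[str]:
    """Percent-decode exactly once and reject double-encoded input
    (%252e%252e...) instead of looping until the value stops changing."""
    decoded = unquote(value)
    return None if unquote(decoded) != decoded else decoded


def hardened_resolve(base_dir: str, headers: Dict[str, str]) -> Optional[str]:
    """Resolve the header value under base_dir, or return None to reject.
    Checks: header present, single decoding, no NUL / backslash / drive
    syntax, and the resolved path contained inside the resolved base."""
    raw = headers.get(FILE_HEADER)
    if raw is None:
        return None
    name = decode_once(raw)
    if not name:
        return None
    # Backslash and ':' are separators / drive markers on Windows; the POSIX
    # containment check below would not treat them as path components.
    if any(ch in name for ch in "\x00\\:"):
        return None
    base = Path(base_dir).resolve()
    candidate = (base / name).resolve()   # follows symlinks, collapses '..'
    try:
        candidate.relative_to(base)       # raises ValueError once outside base
    except ValueError:
        return None
    if candidate == base:                 # '.' must not map to the directory itself
        return None
    return str(candidate)


def hardened_upload_target(base_dir: str, headers: Dict[str, str]) -> Optional[str]:
    """Upload variant (CWE-434): same containment rule, plus a flat file name
    (no subdirectory), exactly one suffix (so shell.aspx.pdf is refused), and
    a suffix allowlist, so executable content cannot land in the served tree."""
    path = hardened_resolve(base_dir, headers)
    if path is None:
        return None
    target = Path(path)
    if target.parent != Path(base_dir).resolve():
        return None
    if len(target.suffixes) != 1 or target.suffix.lower() not in ALLOWED_UPLOAD_SUFFIXES:
        return None
    return path


def headers_with_traversal(headers: Dict[str, str]) -> List[str]:
    """Names of headers whose value, decoded up to twice (catches %2e%2e%2f and
    %252e%252e%252f), contains a traversal marker, a leading separator, or a
    drive letter. Meant for log triage, not as the only defence."""
    flagged = []
    for hname, value in headers.items():
        decoded = unquote(unquote(value)).replace("\x00", "")
        if (any(m in decoded for m in TRAVERSAL_MARKERS)
                or decoded.startswith(("/", "\\"))
                or (len(decoded) > 1 and decoded[1] == ":")):
            flagged.append(hname)
    return flagged
```

The containment check relies on resolving both the base and the candidate before comparing them, so symlinks inside the base cannot be used to step out of it; a purely lexical check with normpath would miss that. Decoding once and refusing a second round is deliberate: a resolver that decodes "until stable" accepts whatever the attacker chose to encode, while this one rejects anything that needed more than one decoding step.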

Xerox has issued Security Bulletin XRX25-002 (https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf), which provides mitigation and patching details for Xerox Workplace Suite. Review the bulletin for the remediation steps that apply to your deployment and confirm afterwards that the installed version is above the affected range listed below.

Details

CWE(s)
CWE-22 (Path Traversal), CWE-434 (Unrestricted Upload of File with Dangerous Type)

Affected Products

Xerox Workplace Suite, versions ≤ 5.6.701.9

References

Xerox Security Bulletin XRX25-002 for Xerox Workplace Suite: https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf