Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED) | Rapid7 Blog
Xerox Versalink C7025 multifunction printers (MFPs) are vulnerable to pass-back attacks, which allow malicious actors to capture authentication credentials for LDAP, SMB, and FTP services. The vulnerabilities, CVE-2024-12510 and CVE-2024-12511, can be exploited by altering the MFP’s configuration so that it sends credentials to attacker-controlled systems. Organizations are advised to upgrade to the latest patched firmware or implement mitigations like complex passwords and disabling remote control for unauthenticated users.
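A defender-side check for the configuration change described above, as an added example that is not from the Rapid7 post or from Xerox: it compares a printer's LDAP, SMB and FTP destinations against an allowlist and a saved baseline. The snapshot schema, host names and addresses are constructed assumptions, not a Xerox export format.

```python
# Constructed allowlist: the only servers each service may send credentials to.
APPROVED = {
    "ldap": {"dc01.corp.example"},
    "smb": {"files01.corp.example", "files02.corp.example"},
    "ftp": {"scan-ftp.corp.example"},
}

# Constructed snapshots in a hypothetical inventory schema (service -> settings).
BASELINE = {
    "ldap": {"host": "dc01.corp.example"},
    "smb": {"host": "files01.corp.example"},
    "ftp": {"host": "scan-ftp.corp.example"},
}
CURRENT = {
    "ldap": {"host": "192.0.2.50"},             # repointed away from the directory server
    "smb": {"host": "FILES01.corp.example."},   # same server, different spelling
    "ftp": {"host": "scan-ftp.corp.example"},
}


def normalise(host):
    """Lower-case and drop a trailing dot so equivalent names compare equal."""
    return host.strip().lower().rstrip(".")


def audit(baseline, current, approved):
    """Return (service, reason, host) findings for credential-bearing services."""
    findings = []
    for service in sorted(current):
        host = normalise(current[service]["host"])
        allowed = {normalise(h) for h in approved.get(service, ())}
        if host not in allowed:
            # The device would authenticate to a server nobody approved.
            findings.append((service, "destination not on allowlist", host))
        elif service in baseline and normalise(baseline[service]["host"]) != host:
            # Still an approved server, but the setting moved: worth a change ticket.
            findings.append((service, "destination changed since baseline", host))
    return findings


if __name__ == "__main__":
    for service, reason, host in audit(BASELINE, CURRENT, APPROVED):
        print(f"{service}: {reason}: {host}")
```
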