| Name | Phaser 6700 Vulnerability |
| --- | --- |
| First Publish Date | 27-Apr-16 |
| Date of Current Status | 9-Jun-16 |
| Next Planned Update | 16-Jun-16 |
| Description | Security researchers from the Fraunhofer Institute have reported a vulnerability in the Phaser 6700, Phaser 7800, WorkCentre 75xx and 57xx families and the WorkCentre 6400 that may allow an attacker to install arbitrary software on the device using specially-crafted software upgrade modules or clone files (used to transfer settings from device to device). They also demonstrated a vulnerability related to a memory card on the internal device controller board. This second weakness affects all WorkCentre products. |
| What You Need To Know? | The first vulnerability could allow malicious software to be installed on the affected products. Disabling the software update capability and the cloning feature will prevent it from being exploited. The second vulnerability requires the machine to be partially disassembled, the memory card altered, and the card returned to the machine. Do not allow unauthorized persons to perform hardware maintenance on any device. |
| What is Xerox Doing About This? | Xerox has consulted with the researchers on these vulnerabilities in the affected products to determine the best way to mitigate them. Patches for the first vulnerability will be announced as soon as they are available. |
| Impact | Exploiting the first vulnerability requires a specially-crafted software upgrade module or clone file; however, a hacker toolkit is available that automates some of this process. The second vulnerability requires physical access to the internal device controller board. |
| What Should You Do? | Turning off the software upgrade capability and the cloning feature is strongly recommended until a patch is available. Only install software obtained directly from Xerox. Only clone device settings using trusted media that has remained under your physical control. Do not allow unauthorized persons to perform hardware maintenance on any device. Xerox recommends that all devices be placed behind a firewall or router and not connected directly to the public Internet. Make sure the administrator password is not left at the default value. Do not share the device administrator password with anyone who does not have a need to know. Xerox will publish information on patch availability as patches become available. |