|Name||Phaser 6700 Vulnerability|
|First Publish Date||27-Apr-16|
|Date of Current Status||27-Apr-16|
|Next Planned Update||2-May-16|
|Description||Security researchers from the Fraunhofer Institute have reported a vulnerability in the Phaser 6700 that may allow an attacker to install arbitrary software on the device using specially-crafted software upgrade modules.|
|What You Need To Know?||This vulnerability could allow malicious software to be installed on the Phaser 6700. Disabling the software update capability will prevent this from being exploited.|
|What is Xerox Doing About This?||Xerox is investigating this vulnerability in the Phaser 6700 and determining the best way to mitigate it. Patches will be announced as soon as they are available.|
|Impact||Exploiting this vulnerability requires a specially-crafted software upgrade module, however a hacker toolkit is available that automates this process.|
|What Should You Do?||
Turning off the software upgrade capability is strongly recommended until a patch is available. Only install software obtained directly from Xerox.
Xerox recommends that all devices be connected to a firewall or router and not directly connected to the public Internet.
Xerox will publish information on patch availability as they are available.