The following appears on portswigger.net
By John Leyden – Xerox has addressed a vulnerability in its firmware that created a means for unauthenticated users to “remotely brick” some models of its network printers.
The vulnerability (CVE-2022-23968) predominantly affects Xerox VersaLink devices and offers a mechanism for attackers to crash and render temporarily unusable a targeted printer using a maliciously crafted TIFF file and an unauthenticated HTTP POST request.
The issue was uncovered by security researcher Mahmoud Al-Qudsi while developing a one-click scan-to-print daemon back in September 2019.
Click here to read the rest!
SOURCE The Daily Swig
SAP Puts Bullseye On Salesforce.com, Launches Plan To Become #1 In CRM
