cbcvebase.
CVE-2018-20767
published 2019-02-10

CVE-2018-20767: An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856…

PriorityP350high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
2.24%
80.6th percentile
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.

Affected

29 ranges· showing 25
VendorProductVersion rangeFixed in
xeroxworkcentre_3655_firmware< 073.060.048.15000073.060.048.15000
xeroxworkcentre_3655i_firmware< 073.060.048.15000073.060.048.15000
xeroxworkcentre_5845_firmware< 073.190.048.15000073.190.048.15000
xeroxworkcentre_5865_firmware< 073.190.048.15000073.190.048.15000
xeroxworkcentre_5865i_firmware< 073.190.048.15000073.190.048.15000
xeroxworkcentre_5875_firmware< 073.190.048.15000073.190.048.15000
xeroxworkcentre_5875i_firmware< 073.190.048.15000073.190.048.15000
xeroxworkcentre_5890_firmware< 073.190.048.15000073.190.048.15000
xeroxworkcentre_5890i_firmware< 073.190.048.15000073.190.048.15000
xeroxworkcentre_5900_firmware< 073.091.048.15000073.091.048.15000
xeroxworkcentre_5900i_firmware< 073.091.048.15000073.091.048.15000
xeroxworkcentre_6655_firmware< 073.110.048.15000073.110.048.15000
xeroxworkcentre_6655i_firmware< 073.110.048.15000073.110.048.15000
xeroxworkcentre_7220_firmware< 073.030.048.15000073.030.048.15000
xeroxworkcentre_7220i_firmware< 073.030.048.15000073.030.048.15000
xeroxworkcentre_7225_firmware< 073.030.048.15000073.030.048.15000
xeroxworkcentre_7225i_firmware< 073.030.048.15000073.030.048.15000
xeroxworkcentre_7830_firmware< 073.010.048.15000073.010.048.15000
xeroxworkcentre_7830i_firmware< 073.010.048.15000073.010.048.15000
xeroxworkcentre_7835_firmware< 073.010.048.15000073.010.048.15000
xeroxworkcentre_7835i_firmware< 073.010.048.15000073.010.048.15000
xeroxworkcentre_7845_firmware< 073.040.048.15000073.040.048.15000
xeroxworkcentre_7845i_firmware< 073.040.048.15000073.040.048.15000
xeroxworkcentre_7855_firmware< 073.040.048.15000073.040.048.15000
xeroxworkcentre_7855i_firmware< 073.040.048.15000073.040.048.15000

CVSS provenance

nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.