Researchers found critical security vulnerabilities affecting Xerox digital assets. Exploiting the vulnerabilities could have allowed an unauthenticated attacker to break into the target system. Fortunately, Xerox fixed the bugs before they could attract potential adversaries.
Xerox Digital Assets Vulnerabilities
The Swascan Cyber Security Team has shared insights about their findings regarding some serious vulnerabilities in Xerox digital assets.
As elaborated in their advisory, Swascan found at least two different vulnerabilities affecting three different Xerox targets. Specifically, they found these vulnerabilities while running passive scans via their Domain Threat Intelligence (DTI) tool.
While the advisory does not specifically mention the affected areas regarding the bugs, it highlights the following two vulnerabilities.
- User enumeration
- RDP Network Level Authentication not configured
By exploiting these two vulnerabilities, a potential adversary could meddle with Xerox systems causing disruptive attacks.
These bugs could have had a domino effect, as in most supply-chain attacks: when Swascan reached out, Xerox investigated the matter and confirmed that the bugs affected third-party systems.
As stated in the advisory,
Through Xerox’s own investigation it was found that both the hosts are not owned/managed by Xerox and they were a result of past or current business association with a third-party organization.
Xerox Fixed The Bugs
Upon discovering the bugs, Swascan responsibly disclosed the matter to Xerox, allowing them to address the issues.
Specifically, the researchers recommended that the vendor implement an effective account lockout policy to limit the number of failed login attempts. This would prevent potential attackers from compromising accounts through brute-force and repeated login attempts.
Xerox, for its part, confirmed that it had ended its association with the affected systems.
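The two weaknesses named above (RDP without Network Level Authentication, and no lockout against repeated login attempts) are both things a Windows administrator can audit and correct locally. The following PowerShell script is an added example written for this article; it is not code from Swascan's advisory or from Xerox. It reads the RDP-Tcp listener's NLA setting through the Win32_TSGeneralSetting CIM class, parses the local lockout threshold from `net accounts`, applies the recommended lockout policy where none exists, and summarises recent failed-logon events (ID 4625) by source address so repeated guessing stands out. The threshold, duration and window values are assumed illustrative defaults, and on a domain-joined host the effective lockout policy comes from Group Policy rather than the local settings this script changes.

```powershell
# Added example (not from the advisory, Xerox or Swascan): audit and fix the two
# weaknesses named in the article on a Windows host. Run elevated.
# Threshold/duration/window values below are assumptions for illustration.

function Test-RdpNla {
    # $true when Network Level Authentication is required on the RDP-Tcp listener.
    $ts = Get-CimInstance -Namespace 'root/cimv2/TerminalServices' `
        -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
    return [bool]$ts.UserAuthenticationRequired
}

function Enable-RdpNla {
    # Require NLA so the client authenticates before any session is created.
    $ts = Get-CimInstance -Namespace 'root/cimv2/TerminalServices' `
        -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
    Invoke-CimMethod -InputObject $ts -MethodName SetUserAuthenticationRequired `
        -Arguments @{ UserAuthenticationRequired = 1 } | Out-Null
}

function Get-LockoutThreshold {
    # Parses the local lockout threshold from 'net accounts'.
    # 'Never' means no lockout is configured; reported as 0.
    $line = (net accounts) | Where-Object { $_ -match '^Lockout threshold' }
    if ($line -match 'Never') { return 0 }
    return [int]($line -replace '[^0-9]', '')
}

function Set-LocalLockoutPolicy {
    param(
        [int]$Threshold   = 5,   # failed attempts before lockout (assumed value)
        [int]$DurationMin = 15,  # minutes the account stays locked (assumed value)
        [int]$WindowMin   = 15   # minutes before the failure counter resets (assumed)
    )
    # Changes only the local SAM policy; domain members inherit Group Policy.
    net accounts /lockoutthreshold:$Threshold /lockoutduration:$DurationMin `
        /lockoutwindow:$WindowMin | Out-Null
}

function Get-RecentFailedLogons {
    param([int]$Hours = 24, [int]$MinCount = 10)
    # Event 4625 = failed logon. Grouping by source address surfaces repeated
    # guessing against an exposed RDP listener, which NLA and lockout blunt.
    $since = (Get-Date).AddHours(-$Hours)
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $since } `
        -ErrorAction SilentlyContinue |
        ForEach-Object {
            $x = [xml]$_.ToXml()
            ($x.Event.EventData.Data | Where-Object { $_.Name -eq 'IpAddress' }).'#text'
        } |
        Group-Object | Where-Object { $_.Count -ge $MinCount } |
        Sort-Object Count -Descending | Select-Object Count, Name
}

# --- Audit first, then remediate only what is missing ---
if (-not (Test-RdpNla)) {
    Write-Warning 'RDP NLA is not required on RDP-Tcp; enabling it.'
    Enable-RdpNla
}
if ((Get-LockoutThreshold) -eq 0) {
    Write-Warning 'No account lockout threshold configured; applying local policy.'
    Set-LocalLockoutPolicy
}
Get-RecentFailedLogons | Format-Table -AutoSize
```

The audit-then-fix order matters: reading the current state first gives a record of what was wrong before the change, and the failed-logon summary shows whether the host was already being probed, which is the signal an account lockout policy is meant to cap.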
Nonetheless, this incident reiterates the importance of thorough security assessments that also cover third-party vendors.
Commenting further on this, Pierguido Iezzi, CEO of Swascan, told Latest Hacking News,
The increasing diversity of digital infrastructure in businesses and the tools we use to manage and secure it make supply chain attacks like this both an attractive target for attackers and a huge challenge for security and IT teams to manage.
That’s why it’s absolutely imperative for companies – when it comes to defending their digital perimeter – to thoroughly assess their entire supply chain.
Also, organizations, including small businesses, can conduct periodic web app assessments and other network security tests by hiring cybersecurity experts. This lets them fix issues in time and boosts the confidence of clients and customers in the business's security.
Let us know your thoughts in the comments.