Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-46327

Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encryption key, the information such as the server credentials may be obtained from the exported Address Book data. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.9, indicating it can be exploited remotely over the network but requires specific conditions to be met without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts confidentiality (data exposure), for affected systems. Impacting 186 products from xerox, from xerox, from xerox and 183 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-11-02T03:15:10.173

Last Modified

2024-11-21T08:28:18.613

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

Weaknesses

Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	xerox	primelink_c9065_firmware	< 85.40.31	Yes
Hardware	xerox	primelink_c9065	-	No
Operating System	xerox	primelink_c9070_firmware	< 85.40.31	Yes
Hardware	xerox	primelink_c9070	-	No
Operating System	xerox	primelink_b9136_firmware	< 90.40.91	Yes
Hardware	xerox	primelink_b9136	-	No
Operating System	xerox	primelink_b9125_firmware	< 90.40.91	Yes
Hardware	xerox	primelink_b9125	-	No
Operating System	xerox	primelink_b9110_firmware	< 90.40.91	Yes
Hardware	xerox	primelink_b9110	-	No
Operating System	xerox	primelink_b9100_firmware	< 90.40.91	Yes
Hardware	xerox	primelink_b9100	-	No
Operating System	xerox	versalink_c405_firmware	< 68.81.41	Yes
Hardware	xerox	versalink_c405	-	No
Operating System	xerox	versalink_c505_firmware	< 68.81.41	Yes
Hardware	xerox	versalink_c505	-	No
Operating System	xerox	versalink_c605_firmware	< 68.81.41	Yes
Hardware	xerox	versalink_c605	-	No
Operating System	xerox	versalink_c7000_firmware	< 56.74.51	Yes
Hardware	xerox	versalink_c7000	-	No
Operating System	xerox	versalink_c7020_firmware	< 57.74.51	Yes
Hardware	xerox	versalink_c7020	-	No
Operating System	xerox	versalink_c7025_firmware	< 57.74.51	Yes
Hardware	xerox	versalink_c7025	-	No
Operating System	xerox	versalink_c7030_firmware	< 57.74.51	Yes
Hardware	xerox	versalink_c7030	-	No
Operating System	xerox	versalink_c7130_firmware	< 69.23.41	Yes
Hardware	xerox	versalink_c7130	-	No
Operating System	xerox	versalink_c7125_firmware	< 69.23.41	Yes
Hardware	xerox	versalink_c7125	-	No
Operating System	xerox	versalink_c7120_firmware	< 69.23.41	Yes
Hardware	xerox	versalink_c7120	-	No
Operating System	xerox	versalink_b405_firmware	< 38.81.41	Yes
Hardware	xerox	versalink_b405	-	No
Operating System	xerox	versalink_b605_firmware	< 38.81.41	Yes
Hardware	xerox	versalink_b605	-	No
Operating System	xerox	versalink_b615_firmware	< 38.81.41	Yes
Hardware	xerox	versalink_b615	-	No
Operating System	xerox	versalink_b7125_firmware	< 59.23.41	Yes
Hardware	xerox	versalink_b7125	-	No
Operating System	xerox	versalink_b7130_firmware	< 59.23.41	Yes
Hardware	xerox	versalink_b7130	-	No
Operating System	xerox	versalink_b7135_firmware	< 59.23.41	Yes
Hardware	xerox	versalink_b7135	-	No
Operating System	xerox	workcentre_6515_firmware	< 65.74.51	Yes
Hardware	xerox	workcentre_6515	-	No
Operating System	fujifilm	apeos_3560_firmware	≤ 1.2.16	Yes
Operating System	fujifilm	apeos_3560_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_3560	-	No
Operating System	fujifilm	apeos_3060_firmware	≤ 1.2.16	Yes
Operating System	fujifilm	apeos_3060_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_3060	-	No
Operating System	fujifilm	apeos_2560_firmware	≤ 1.2.16	Yes
Operating System	fujifilm	apeos_2560_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_2560	-	No
Operating System	fujifilm	apeos_3560_gk_firmware	≤ 1.2.16	Yes
Operating System	fujifilm	apeos_3560_gk_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_3560_gk	-	No
Operating System	fujifilm	apeos_3060_gk_firmware	≤ 1.2.16	Yes
Operating System	fujifilm	apeos_3060_gk_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_3060_gk	-	No
Operating System	fujifilm	apeos_2560_gk_firmware	≤ 1.2.16	Yes
Operating System	fujifilm	apeos_2560_gk_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_2560_gk	-	No
Operating System	fujifilm	apeos_5330_firmware	< 1.20.9	Yes
Hardware	fujifilm	apeos_5330	-	No
Operating System	fujifilm	apeos_4830_firmware	< 1.20.9	Yes
Hardware	fujifilm	apeos_4830	-	No
Operating System	fujifilm	apeos_5570_firmware	≤ 1.3.6	Yes
Operating System	fujifilm	apeos_5570_firmware	≤ 1.26.9	Yes
Hardware	fujifilm	apeos_5570	-	No
Operating System	fujifilm	apeos_4570_firmware	≤ 1.3.6	Yes
Operating System	fujifilm	apeos_4570_firmware	≤ 1.26.9	Yes
Hardware	fujifilm	apeos_4570	-	No
Operating System	fujifilm	apeos_6340_firmware	≤ 1.2.11	Yes
Operating System	fujifilm	apeos_6340_firmware	≤ 1.20.6	Yes
Hardware	fujifilm	apeos_6340	-	No
Operating System	fujifilm	apeos_7580_firmware	< 1.26.9	Yes
Hardware	fujifilm	apeos_7580	-	No
Operating System	fujifilm	apeos_6580_firmware	< 1.26.9	Yes
Hardware	fujifilm	apeos_6580	-	No
Operating System	fujifilm	apeos_c2570_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c2570_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	apeos_c2570	-	No
Operating System	fujifilm	apeos_c3070_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c3070_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	apeos_c3070	-	No
Operating System	fujifilm	apeos_c3570_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c3570_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	apeos_c3570	-	No
Operating System	fujifilm	apeos_c4570_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c4570_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	apeos_c4570	-	No
Operating System	fujifilm	apeos_c5570_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c5570_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	apeos_c5570	-	No
Operating System	fujifilm	apeos_c6570_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c6570_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	apeos_c6570	-	No
Operating System	fujifilm	apeos_c7070_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c7070_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	apeos_c7070	-	No
Operating System	fujifilm	apeos_c3060_firmware	≤ 1.2.14	Yes
Operating System	fujifilm	apeos_c3060_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_c3060	-	No
Operating System	fujifilm	apeos_c2060_firmware	≤ 1.2.14	Yes
Operating System	fujifilm	apeos_c2060_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_c2060	-	No
Operating System	fujifilm	apeos_c2560_firmware	≤ 1.2.14	Yes
Operating System	fujifilm	apeos_c2560_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_c2560	-	No
Operating System	fujifilm	apeos_c3060_gk_firmware	≤ 1.2.14	Yes
Operating System	fujifilm	apeos_c3060_gk_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_c3060_gk	-	No
Operating System	fujifilm	apeos_c2560_gk_firmware	≤ 1.2.14	Yes
Operating System	fujifilm	apeos_c2560_gk_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_c2560_gk	-	No
Operating System	fujifilm	apeos_c2060_gk_firmware	≤ 1.2.14	Yes
Operating System	fujifilm	apeos_c2060_gk_firmware	≤ 1.26.10	Yes
Hardware	fujifilm	apeos_c2060_gk	-	No
Operating System	fujifilm	apeos_c4030_firmware	< 1.20.10	Yes
Hardware	fujifilm	apeos_c4030	-	No
Operating System	fujifilm	apeos_c3530_firmware	< 1.20.10	Yes
Hardware	fujifilm	apeos_c3530	-	No
Operating System	fujifilm	apeos_c5240_firmware	≤ 1.2.12	Yes
Operating System	fujifilm	apeos_c5240_firmware	≤ 1.20.6	Yes
Hardware	fujifilm	apeos_c5240	-	No
Operating System	fujifilm	apeos_c8180_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c8180_firmware	≤ 1.26.12	Yes
Hardware	fujifilm	apeos_c8180	-	No
Operating System	fujifilm	apeos_c7580_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c7580_firmware	≤ 1.26.12	Yes
Hardware	fujifilm	apeos_c7580	-	No
Operating System	fujifilm	apeos_c6580_firmware	≤ 1.3.7	Yes
Operating System	fujifilm	apeos_c6580_firmware	≤ 1.26.12	Yes
Hardware	fujifilm	apeos_c6580	-	No
Operating System	fujifilm	apeosport_c3060_firmware	≤ 1.60.15	Yes
Hardware	fujifilm	apeosport_c3060	-	No
Operating System	fujifilm	apeosport_c2560_firmware	≤ 1.60.15	Yes
Hardware	fujifilm	apeosport_c2560	-	No
Operating System	fujifilm	apeosport_c2060_firmware	≤ 1.60.15	Yes
Hardware	fujifilm	apeosport_c2060	-	No
Operating System	fujifilm	apeosport_c3060_g_firmware	≤ 1.60.15	Yes
Hardware	fujifilm	apeosport_c3060_g	-	No
Operating System	fujifilm	apeosport_c2560_g_firmware	≤ 1.60.15	Yes
Hardware	fujifilm	apeosport_c2560_g	-	No
Operating System	fujifilm	apeosport_c2060_g_firmware	≤ 1.60.15	Yes
Hardware	fujifilm	apeosport_c2060_g	-	No
Operating System	fujifilm	apeosport_3560_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_3560	-	No
Operating System	fujifilm	apeosport_3060_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_3060	-	No
Operating System	fujifilm	apeosport_2560_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_2560	-	No
Operating System	fujifilm	apeosport_3560_g_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_3560_g	-	No
Operating System	fujifilm	apeosport_3060_g_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_3060_g	-	No
Operating System	fujifilm	apeosport_2560_g_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_2560_g	-	No
Operating System	fujifilm	apeosport_5570_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_5570	-	No
Operating System	fujifilm	apeosport_4570_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_4570	-	No
Operating System	fujifilm	apeosport_3570_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_3570	-	No
Operating System	fujifilm	apeosport_5570_g_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_5570_g	-	No
Operating System	fujifilm	apeosport_4570_g_firmware	≤ 1.60.16	Yes
Hardware	fujifilm	apeosport_4570_g	-	No
Operating System	fujifilm	apeosport_c7070_firmware	≤ 1.60.18	Yes
Hardware	fujifilm	apeosport_c7070	-	No
Operating System	fujifilm	apeosport_c6570_firmware	≤ 1.60.18	Yes
Hardware	fujifilm	apeosport_c6570	-	No
Operating System	fujifilm	apeosport_c5570_firmware	≤ 1.60.18	Yes
Hardware	fujifilm	apeosport_c5570	-	No
Operating System	fujifilm	apeosport_c4570_firmware	≤ 1.60.18	Yes
Hardware	fujifilm	apeosport_c4570	-	No
Operating System	fujifilm	apeosport_c3570_firmware	≤ 1.60.18	Yes
Hardware	fujifilm	apeosport_c3570	-	No
Operating System	fujifilm	apeosport_c3070_firmware	≤ 1.60.18	Yes
Hardware	fujifilm	apeosport_c3070	-	No
Operating System	fujifilm	apeosport-vii_5021_firmware	< 1.60.3	Yes
Operating System	fujifilm	apeosport-vii_5021_firmware	< 1.60.16	Yes
Hardware	fujifilm	apeosport-vii_5021	-	No
Operating System	fujifilm	apeosport-vii_4021_firmware	< 1.60.3	Yes
Operating System	fujifilm	apeosport-vii_4021_firmware	< 1.60.16	Yes
Hardware	fujifilm	apeosport-vii_4021	-	No
Operating System	fujifilm	apeosport-vii_c4421_firmware	< 1.60.3	Yes
Operating System	fujifilm	apeosport-vii_c4421_firmware	< 1.60.16	Yes
Hardware	fujifilm	apeosport-vii_c4421	-	No
Operating System	fujifilm	apeosport-vii_c3321_firmware	< 1.60.3	Yes
Operating System	fujifilm	apeosport-vii_c3321_firmware	< 1.60.16	Yes
Hardware	fujifilm	apeosport-vii_c3321	-	No
Operating System	fujifilm	apeospro_c810_firmware	≤ 1.3.6	Yes
Operating System	fujifilm	apeospro_c810_firmware	≤ 1.26.14	Yes
Hardware	fujifilm	apeospro_c810	-	No
Operating System	fujifilm	apeospro_c750_firmware	≤ 1.3.6	Yes
Operating System	fujifilm	apeospro_c750_firmware	≤ 1.26.14	Yes
Hardware	fujifilm	apeospro_c750	-	No
Operating System	fujifilm	apeospro_c650_firmware	≤ 1.3.6	Yes
Operating System	fujifilm	apeospro_c650_firmware	≤ 1.26.14	Yes
Hardware	fujifilm	apeospro_c650	-	No
Operating System	fujifilm	primelink_c9070_firmware	< 1.145.4	Yes
Hardware	fujifilm	primelink_c9070	-	No
Operating System	fujifilm	primelink_c9065_firmware	< 1.145.4	Yes
Hardware	fujifilm	primelink_c9065	-	No
Operating System	fujifilm	revoria_press_e1136_firmware	≤ 1.3.5	Yes
Operating System	fujifilm	revoria_press_e1136_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	revoria_press_e1136	-	No
Operating System	fujifilm	revoria_press_e1125_firmware	≤ 1.3.5	Yes
Operating System	fujifilm	revoria_press_e1125_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	revoria_press_e1125	-	No
Operating System	fujifilm	revoria_press_e1110_firmware	≤ 1.3.5	Yes
Operating System	fujifilm	revoria_press_e1110_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	revoria_press_e1110	-	No
Operating System	fujifilm	revoria_press_e1100_firmware	≤ 1.3.5	Yes
Operating System	fujifilm	revoria_press_e1100_firmware	≤ 1.26.11	Yes
Hardware	fujifilm	revoria_press_e1100	-	No
Operating System	fujifilm	revoria_press_sc180_firmware	< 1.22.8	Yes
Hardware	fujifilm	revoria_press_sc180	-	No
Operating System	fujifilm	revoria_press_sc170_firmware	< 1.22.8	Yes
Hardware	fujifilm	revoria_press_sc170	-	No

References

https://jvn.jp/en/vu/JVNVU96482726/index.html Third Party Advisory ([email protected])
https://security.business.xerox.com/en-us/documents/bulletins/ Vendor Advisory ([email protected])
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/1031_addressbook_announce.html Vendor Advisory ([email protected])
https://jvn.jp/en/vu/JVNVU96482726/index.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.business.xerox.com/en-us/documents/bulletins/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/1031_addressbook_announce.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For xerox's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.