CVE-2019-13170

MEDIUM

Xerox Phaser 3320 Firmware V53.006.16.000 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device.

References (2)

Core 2

Scores

CVSS v3 6.5
EPSS 0.0041
EPSS Percentile 32.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
xerox/phaser_3320_firmware v53.006.16.000
Published Mar 13, 2020
Tracked Since Feb 18, 2026