CVE-2019-13171

CRITICAL

Xerox Phaser 3320 V53.006.16.000 - Unauthenticated Stack-Based Buffer Overflow

Title source: llm
STIX 2.1

Description

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly.

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0281
EPSS Percentile 84.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
xerox/phaser_3320_firmware v53.006.16.000
Published Mar 13, 2020
Tracked Since Feb 18, 2026