A device bricking vulnerability in certain xerox printer models that persisted for more than a year and a half agochas been patched now.
The security defect tracked as CVE-2022-23968 was reported to Xerox in September 2019. In January 2020, the vendor had confirmed impact on at least one series of printer models, but said nothing else of the bug for two more years.
The flaw can be triggered using a specially crafted multi-page TIFF file that contains an incomplete image directory payload. Because the printer checks documents to identify resources needed to complete the printing operation, the TIFF handler in the printer’s firmware would fail to parse the incomplete image directories within the TIFF document, suspending the printing job.
After the reboot, the print queue management interface cannot be accessed before the error and becomes inaccessible after that as well, so there’s no means via any of the available user interfaces for the print queue to be cleared to break out of this vicious loop.
An attacker looking to exploit the vulnerability needs no special permissions, regardless of whether they have local access to the printer, or if they serve the specially crafted TIFF document over the Internet.
The researcher executed the vulnerability on Xerox VersaLink printers running firmware versions xx.42.01 and xx.50.61. Xerox announced that it has published an advisory for this critical vulnerability, which confirms that multiple VersaLink series models and two WorkCentre and Phaser models are impacted, and that the bug was addressed in June 2020.