CVE-2021-20679 — HIGH (7.5)

Vulnerability Description

Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Fujixerox	Docucentre-Vii C7773 Firmware	-
Fujixerox	Docucentre-Vii C7773	-
Fujixerox	Docucentre-Vii C6673 Firmware	-
Fujixerox	Docucentre-Vii C6673	-
Fujixerox	Docucentre-Vii C5573 Firmware	-
Fujixerox	Docucentre-Vii C5573	-
Fujixerox	Docucentre-Vii C4473 Firmware	-
Fujixerox	Docucentre-Vii C4473	-
Fujixerox	Docucentre-Vii C3373 Firmware	-
Fujixerox	Docucentre-Vii C3373	-
Fujixerox	Docucentre-Vii C3372 Firmware	-
Fujixerox	Docucentre-Vii C3372	-
Fujixerox	Docucentre-Vii C2273 Firmware	-
Fujixerox	Docucentre-Vii C2273	-
Fujixerox	Apeosport C2570 Firmware	-
Fujixerox	Apeosport C2570	-
Fujixerox	Apeosport-Vii C4422 Firmware	-
Fujixerox	Apeosport-Vii C4422	-
Fujixerox	Apeosport-Vii C3322 Firmware	-
Fujixerox	Apeosport-Vii C3322	-

References

https://jvn.jp/en/jp/JVN37607293/index.htmlThird Party Advisory
https://www.fujixerox.co.jp/company/news/notice/2021/0319_announce.htmlVendor Advisory
https://www.fujixerox.com/eng/company/news/notice/2021/0319_announce.htmlVendor Advisory
https://jvn.jp/en/jp/JVN37607293/index.htmlThird Party Advisory
https://www.fujixerox.co.jp/company/news/notice/2021/0319_announce.htmlVendor Advisory
https://www.fujixerox.com/eng/company/news/notice/2021/0319_announce.htmlVendor Advisory

FAQ

What is CVE-2021-20679?

CVE-2021-20679 is a vulnerability with a CVSS score of 7.5 (HIGH). Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, Apeo...

How severe is CVE-2021-20679?

CVE-2021-20679 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-20679?

Check the references section above for vendor advisories and patch information. Affected products include: Fujixerox Docucentre-Vii C7773 Firmware, Fujixerox Docucentre-Vii C7773, Fujixerox Docucentre-Vii C6673 Firmware, Fujixerox Docucentre-Vii C6673, Fujixerox Docucentre-Vii C5573 Firmware.