CVE-2018-16709
high-risk
Published 2018-09-07
Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271, ApeosPort-V C5576, DocuCentre-IV C2263, DocuCentre-V C2263, and ApeosPort-V 5070 devices allow remote attackers to read or write to files via crafted PJL commands.
Do I need to act?
-
0.76% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (9)
Docucentre-V 3065 Firmware
Apeosport-V C4475 Firmware
Apeosport-Vi C3371 Firmware
Apeosport-V C3375 Firmware
Docucentre-Vi C2271 Firmware
Apeosport-V C5576 Firmware
Docucentre-Iv C2263 Firmware
Docucentre-V C2263 Firmware
Apeosport-V 5070 Firmware
Affected Vendors
References (2)
50
/ 100
high-risk
Severity
32/34 · Critical
Exploitability
3/34 · Minimal
Exposure
15/34 · Moderate