Cyber Resilience

CVE-2021-20679

High

Published: 25 March 2021

Published
25 March 2021
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0051 66.9th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-20679 is a high-severity an unspecified weakness vulnerability in Fujixerox Apeosport C2060 Firmware. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 33.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d,…

more

DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

fujixerox
docucentre-vii c7773 firmware
all versions
fujixerox
docucentre-vii c6673 firmware
all versions
fujixerox
docucentre-vii c5573 firmware
all versions
fujixerox
docucentre-vii c4473 firmware
all versions
fujixerox
docucentre-vii c3373 firmware
all versions
fujixerox
docucentre-vii c3372 firmware
all versions
fujixerox
docucentre-vii c2273 firmware
all versions
fujixerox
apeosport c2570 firmware
all versions
fujixerox
apeosport-vii c4422 firmware
all versions
fujixerox
apeosport-vii c3322 firmware
all versions
+65 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References