Cyber Posture

CVE-2024-55927

High

Published: 23 January 2025
Modified: 28 February 2026
CVSS Score: 7.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)
EPSS Score: 0.0015 (35.5th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-55927 is a high-severity Use of Hard-coded Credentials (CWE-798) vulnerability in Xerox Workplace Suite. Its CVSS base score is 7.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS exploit likelihood ranks at the 35.5th percentile (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-12 (Cryptographic Key Establishment and Management).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

IA-5 Authenticator Management (prevent)

Mandates proper management and sufficient strength of authenticators like tokens, directly countering flawed token generation vulnerable to prediction or forgery.

SC-12 Cryptographic Key Establishment and Management (prevent)

Requires secure establishment and management of cryptographic keys, mitigating the use of hard-coded keys that enable token forgery.

(prevent, recover)

Directly addresses the specific software flaw in token generation and hard-coded keys through timely identification, testing, and remediation.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1550.001 Application Access Token (Lateral Movement)
Adversaries may use stolen application access tokens to bypass the typical authentication process and access restricted accounts, information, or services on remote systems.

Why these techniques?

Network-accessible auth bypass via token forgery from hardcoded keys directly enables exploitation of public-facing apps and use of forged application access tokens.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-coded keys. These weaknesses allow attackers to predict or forge tokens, leading to unauthorized access to sensitive functions.

Deeper analysis

CVE-2024-55927 is a vulnerability in Xerox Workplace Suite caused by flawed token generation and the use of hard-coded keys (CWE-798). These flaws enable attackers to predict or forge tokens, granting unauthorized access to sensitive functions. The issue carries a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L), indicating network-accessible exploitation with low complexity.

An attacker with low privileges can exploit this vulnerability over the network without user interaction. Successful exploitation allows prediction or forgery of tokens, leading to high confidentiality impact through unauthorized access to sensitive functions, as well as low integrity and availability impacts.

Mitigation details are provided in the Xerox Security Bulletin XRX25-002, available at https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf.

Details

CWE(s)

CWE-798 Use of Hard-coded Credentials

Affected Products

Xerox Workplace Suite ≤ 5.6.701.9

CVEs Like This One

CVE-2024-55925 (same product: Xerox Workplace Suite)
CVE-2024-55926 (same product: Xerox Workplace Suite)
CVE-2024-55928 (same product: Xerox Workplace Suite)
CVE-2024-55930 (same product: Xerox Workplace Suite)
CVE-2026-2252 (same vendor: Xerox)
CVE-2026-2251 (same vendor: Xerox)
CVE-2025-8356 (same vendor: Xerox)
CVE-2020-36911 (shared CWE-798)
CVE-2026-27073 (shared CWE-798)
CVE-2026-32834 (shared CWE-798)