Strix
26.1K

CVE-2021-20679

HIGHCVSS 7.5/10EPSS 1.55%

Last modified

CVE-2021-20679 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.. EPSS estimates a 1.55% chance of exploitation in the next 30 days.

Description

Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
1.55%

71.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
FujixeroxDocucentre-Vii C7773 FirmwareAll versions
FujixeroxDocucentre-Vii C6673 FirmwareAll versions
FujixeroxDocucentre-Vii C5573 FirmwareAll versions
FujixeroxDocucentre-Vii C4473 FirmwareAll versions
FujixeroxDocucentre-Vii C3373 FirmwareAll versions
FujixeroxDocucentre-Vii C3372 FirmwareAll versions
FujixeroxDocucentre-Vii C2273 FirmwareAll versions
FujixeroxApeosport C2570 FirmwareAll versions
FujixeroxApeosport-Vii C4422 FirmwareAll versions
FujixeroxApeosport-Vii C3322 FirmwareAll versions
FujixeroxApeosport C2360 FirmwareAll versions
FujixeroxApeosport C2060 FirmwareAll versions
FujixeroxApeosport-Vii Cp4422 FirmwareAll versions
FujixeroxApeosport-Vii Cp3322 FirmwareAll versions
FujixeroxApeosport Print C4570 FirmwareAll versions
FujixeroxApeosport 3570 FirmwareAll versions
FujixeroxApeosport 1860 FirmwareAll versions
FujixeroxApeosport-Vii 5022 FirmwareAll versions
FujixeroxApeosport-Vii P4022 FirmwareAll versions
FujixeroxDocucentre-Vi C2264 FirmwareAll versions
FujixeroxDocuprint Cp500 D FirmwareAll versions
FujixeroxDocucentre-Vii C7788 FirmwareAll versions
FujixeroxDocucentre-Vii C6688 FirmwareAll versions
FujixeroxDocucentre-Vii C5588 FirmwareAll versions
FujixeroxApeosport-Vii C7773 FirmwareAll versions
FujixeroxApeosport-Vii C6673 FirmwareAll versions
FujixeroxApeosport-Vii C5573 FirmwareAll versions
FujixeroxApeosport-Vii C4473 FirmwareAll versions
FujixeroxApeosport-Vii C3373 FirmwareAll versions
FujixeroxApeosport-Vii C3372 FirmwareAll versions
FujixeroxApeosport-Vii C2273 FirmwareAll versions
FujixeroxApeosport-Vii C7788 FirmwareAll versions
FujixeroxApeosport-Vii C6688 FirmwareAll versions
FujixeroxApeosport-Vii C5588 FirmwareAll versions
FujixeroxApeosport C7070 FirmwareAll versions
FujixeroxApeosport C6570 FirmwareAll versions
FujixeroxApeosport C5570 FirmwareAll versions
FujixeroxApeosport C4570 FirmwareAll versions
FujixeroxApeosport C3570 FirmwareAll versions
FujixeroxApeosport C3070 FirmwareAll versions
FujixeroxApeosport C7070g FirmwareAll versions
FujixeroxApeosport C6570g FirmwareAll versions
FujixeroxApeosport C5570g FirmwareAll versions
FujixeroxApeosport C4570g FirmwareAll versions
FujixeroxApeosport C3570g FirmwareAll versions
FujixeroxApeosport C3070g FirmwareAll versions
FujixeroxApeosport-Vii C4421 FirmwareAll versions
FujixeroxApeosport-Vii C3321 FirmwareAll versions
FujixeroxApeosport C3060 FirmwareAll versions
FujixeroxApeosport C2560 FirmwareAll versions

Showing 50 of 75 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-20679?
Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.
How severe is CVE-2021-20679?
CVE-2021-20679 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.55% probability of exploitation in the next 30 days.
How do I fix CVE-2021-20679?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-20679?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST