Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
1 Reply
CherylO-Xerox
Valued Advisor
Valued Advisor
‎05-20-2021 07:09 PM

Re: Security issue with latest WorkCentre 6515 firmware - SMTP STARTTLS

Hi SanMarco, 

Thank you for using the Support Forum. Looks like you have tried all your options.  Please consider submitting a Product Security Information Request to get further information and report your concerns.  They may be able to provide you more information.  Additionally you can consider contacting your support centre for further assistance.

Thanks,
CherylO-Xerox
Community Manager

Be sure to click Kudos for those who have helped you.
Select Accept as Solution for posts that have helped to solve your issue(s)!

Reply
SanMarco
New Member
New Member
‎05-18-2021 09:21 AM

Security issue with latest WorkCentre 6515 firmware - SMTP STARTTLS

Product Name: WorkCentre 6515
Operating System: Windows 10 x64

Hello, 

I am an IT engineer and I did a security audit on our Company infrastructure, which includes a Xerox WorkCentre 6515. 

I updated the firmware of our Workcentre 6515 to the latest available one (65.65.51, PL7-R3).
We also updated our webserver software thath handles Company mail during the last week and it is fully operating.

I have noticed that the printer would not connect anymore to our SMTP server (postfix/SMTPD) using STARTTLS on port 587 to deliver scans to our network. 

The issue is that when enabling "modern" TLS protocols and ciphers and discarding weak ciphers (TLS 1.0 and 1.1 cipher suites as well as some TLS 1.2 TLS_RSA ciphers) in our SMTP webserver, the printer would not connect anymore to our smtp server (Xerox error 017-714 Smtp over ssl failed).

The Workcentre is set to use only TLS 1.2 (but I tried also checking both TLS 1.0 and 1.1).

I noticed these failures in our SMTP server log:

postfix/smtp: SSL_accept error from XXX
postfix/smtp: lost connection after STARTTLS from XXX
postfix/smtp: disconnect from XXX

Reenabling these cipher suites, by selecting "old" in the TLS compatibility setting of our webserver, was the key to restart the mail functionality of the printer.

This is a security issue, as these ciphers are known to be weak and cannot be utilized in a modern IT environment. I expected the newest firmare (February 2021) of the Workcentre 6515 to be up-to-date regarding the security, but it seems this is not the case.

We have temporarily suspended the mail functionality of our WorkCentres until the issue is solved.

 

Tags (2)
0 Kudos
Reply